3 matches found
CVE-2024-2746 affecting package dnf5 for versions less than 5.1.11-2
CVE-2024-2746 affecting package dnf5 for versions less than 5.1.11-2. A patched version of the package is available...
CVE-2024-2746
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...
CVE-2024-2746 Incomplete fix for CVE-2024-1929
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...