24 matches found
EUVD-2024-20820
Malicious code in bioql PyPI...
Rocky Linux 8 : rear (RLSA-2024:1719)
The remote Rocky Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2024:1719 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
Updated rear packages fix security vulnerability
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301...
AlmaLinux 8 : rear (ALSA-2024:1719)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1719 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
AlmaLinux 9 : rear (ALSA-2024:1147)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1147 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...
Oracle Linux 9 : rear (ELSA-2024-1147)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1147 advisory. 2.6-21.0.1 - rear: creates a world-readable initrd CVE-2024-23301 Tenable has extracted the preceding description block directly from the Oracle Linux security...
openSUSE Security Advisory (SUSE-SU-2024:0247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: rear
Issue Overview: Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301 Affected Packages: rear Note: This advisory is applicable to Amazon Linux 2...
[SECURITY] [DLA 3733-1] rear security update
Debian LTS Advisory DLA-3733-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA February 03, 2024 https://wiki.debian.org/LTS Package : rear Version : 2.4+dfsg-1+deb10u1 CVE ID : CVE-2024-23301 rear is a disaster recovery and system migration framework. It has been...
SUSE SLES12 Security Update : rear1172a (SUSE-SU-2024:0292-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0292-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...
SUSE SLES12 Security Update : rear116 (SUSE-SU-2024:0291-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0291-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...
SUSE SLES15 Security Update : rear27a (SUSE-SU-2024:0253-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0253-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...
SUSE SLES15 / openSUSE 15 Security Update : rear23a (SUSE-SU-2024:0247-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0247-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain acce...
SUSE-SU-2024:0247-1 Security update for rear23a
This update for rear23a fixes the following issues: - CVE-2024-23301: Fixed ReaR creates world-readable initrd with GRUBRESCUE=Y. bsc1218728...
SUSE SLES12 Security Update : rear23a (SUSE-SU-2024:0148-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0148-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...
SUSE SLES12 Security Update : rear27a (SUSE-SU-2024:0135-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0135-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...
CVE-2024-23301
A vulnerability has been identified in Relax-and-Recover ReaR, where the use of GRUBRESCUE=y results in the creation of an initrd that is readable by anyone. This flaw could potentially enable local attackers to obtain access to system secrets that are typically restricted to root privileges...
SUSE CVE-2024-23301
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...
CVE-2024-23301
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...
CVE-2024-23301
Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root...