EUVD-2019-4703

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-8637

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used,...

dracut: Creates initramfs images with world-readable permissions (information disclosure)

It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information...

Fedora 18 : dracut-024-5.git20121019.fc18 (2012-16448)

fixed ifup exit code - fixed default 'rd.auto' parameter setting - only 'warn' not 'error', if we don't strip the initramfs - do not overwrite ifcfg from anaconda - ssh-client module fixes - strip binaries in the initramfs by default now - fixes for systemd and crypto - new dracut kernel command...

DEBIAN-CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...

UBUNTU-CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...