AlmaLinux 9 : rear (ALSA-2024:1147)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1147 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets...

rear security update

2.6-21.0.1 - rear: creates a world-readable initrd CVE-2024-23301...

Oracle Linux 9 : rear (ELSA-2024-1147)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1147 advisory. 2.6-21.0.1 - rear: creates a world-readable initrd CVE-2024-23301 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Moderate: Red Hat Security Advisory: rear security update

An update for rear is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Moderate: rear security update

Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fixes: rear: creates a world-readable initrd...

ALSA-2024:1147 Moderate: rear security update

Relax-and-Recover is a recovery and system migration utility. The utility produces a bootable image and restores from backup using this image. It allows to restore to different hardware and can therefore be also used as a migration utility. Security Fixes: rear: creates a world-readable initrd...

SUSE-SU-2024:0657-1 Security update for rear27a

This update for rear27a fixes the following issues: - CVE-2024-23301: Fixed world-readable initrd with GRUBRESCUE=Y bsc1218728. Bug fixes: - Fix mkinitrd dependency issue by installing dracut-mkinitrd-deprecated see bsc1202352...

Fedora 38 : rear (2024-49ddbf447d)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-49ddbf447d advisory. Fri Feb 9 2024 Luk Zaoral - 2.7-8 - Sync with patches in CentOS Stream 9 kudos to @pcahyna! chronologically from the latest: - Resolve libs for...

Fedora 39 : rear (2024-a2f6e5ddb8)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a2f6e5ddb8 advisory. Fri Feb 9 2024 Luk Zaoral - 2.7-8 - Sync with patches in CentOS Stream 9 kudos to @pcahyna! chronologically from the latest: - Resolve libs for...

Amazon Linux 2 : rear (ALAS-2024-2451)

The version of rear installed on the remote host is prior to 2.00-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2451 advisory. Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain...

Medium: rear

Issue Overview: Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301 Affected Packages: rear Note: This advisory is applicable to Amazon Linux 2...

Debian dla-3733 : rear - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3733 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3733-1 [email protected] https://www.debian.org/lts/security/...

SUSE SLES12 Security Update : rear1172a (SUSE-SU-2024:0292-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0292-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

SUSE SLES12 Security Update : rear116 (SUSE-SU-2024:0291-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0291-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

SUSE SLES15 Security Update : rear27a (SUSE-SU-2024:0253-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0253-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

SUSE-SU-2024:0253-1 Security update for rear27a

This update for rear27a fixes the following issues: - CVE-2024-23301: Fixed ReaR creates world-readable initrd with GRUBRESCUE=Y. bsc1218728...

SUSE-SU-2024:0247-1 Security update for rear23a

This update for rear23a fixes the following issues: - CVE-2024-23301: Fixed ReaR creates world-readable initrd with GRUBRESCUE=Y. bsc1218728...

OESA-2024-1077 rear security update

Relax-and-Recover is a setup-and-forget Linux bare metal disaster recovery solution. It is easy to set up and requires no maintenance so there is no excuse for not using it. Security Fixes: Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows...

SUSE SLES12 Security Update : rear23a (SUSE-SU-2024:0148-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:0148-1 advisory. - Relax-and-Recover aka ReaR through 2.7 creates a world-readable initrd when using GRUBRESCUE=y. This allows local attackers to gain access to system...

SUSE-SU-2024:0148-1 Security update for rear23a

This update for rear23a fixes the following issues: - CVE-2024-23301: Fixed ReaR creates world-readable initrd with GRUBRESCUE=Y. bsc1218728...