2 matches found
SUSE CVE-2024-2746
Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...
PT-2024-21910 · Dnf5 · Dnf5
Name of the Vulnerable Software and Affected Versions: dnf5 affected versions not specified Description: The issue arises from the dnf5 D-Bus daemon accepting arbitrary configuration parameters from unprivileged users. This allows a local root exploit by tricking the daemon into loading a...