2 matches found
RockyLinux 10 : yggdrasil (RLSA-2025:7592)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7592 advisory. yggdrasil: Local privilege escalation in yggdrasil CVE-2025-3931 Tenable has extracted the preceding description block directly from the RockyLinux...
Local Privilege Escalation
github.com/redhatinsights/yggdrasil is vulnerable to local privilege escalation. The vulnerability is due to missing authentication and authorization checks on a DBus method that dispatches messages to worker processes, allowing any local user to trigger privileged package management actions...