Home

CVE-2012-4453

Description

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.

Risk Information

Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.039

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-caps-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-fips-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-fips-aesni-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-generic-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-kernel-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-network-004-336.el6.noarch.rpmLinux
(RHSA-2013:1674) Moderate: dracut security, bug fix, and enhancement update dracut-tools-004-336.el6.noarch.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234