Home

CVE-2014-9770

Description

tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.

Risk Information

Base Score
3.3
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.095

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libgudev-1_0-0-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libgudev-1_0-0-32bit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libgudev-1_0-0-debuginfo-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libgudev-1_0-0-debuginfo-32bit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libudev1-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libudev1-32bit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libudev1-debuginfo-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) libudev1-debuginfo-32bit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-32bit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-bash-completion-210-70.48.1.noarch.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-debuginfo-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-debuginfo-32bit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-debugsource-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) systemd-sysvinit-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) udev-210-70.48.1.x86_64.rpmLinux
SUSE-SU-2016:1351-1(SUSE Linux Enterprise Desktop 12 ) udev-debuginfo-210-70.48.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234