A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.
References
Configurations
No configuration.
History
25 Apr 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-25 18:15
Updated : 2024-04-26 12:58
NVD link : CVE-2024-2905
Mitre link : CVE-2024-2905
CVE.ORG link : CVE-2024-2905
JSON object : View
Products Affected
No product.
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource