Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2022-24302

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. (CVE-2022-24302)

Source

ALASANSIBLE2-2023-002

Amazon Linux 2 Security Advisory: ALASANSIBLE2-2023-002
Advisory Release Date: 2023-08-21 21:01 Pacific
Advisory Updated Date: 2023-09-25 22:13 Pacific

Severity: Medium

References: CVE-2022-24302
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. (CVE-2022-24302)

Affected Packages:

python-paramiko

Issue Correction:
Run yum update python-paramiko to update your system.

New Packages:

noarch:
    python2-paramiko-1.16.1-3.amzn2.0.3.noarch
    python-paramiko-doc-1.16.1-3.amzn2.0.3.noarch

src:
    python-paramiko-1.16.1-3.amzn2.0.3.src

Additional References

Red Hat: CVE-2022-24302

Mitre: CVE-2022-24302

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALASANSIBLE2-2023-002

ALASANSIBLE2-2023-002

Additional References

Vulmon Search

About

Products

Connect