Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2012-4453

It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information. (CVE-2012-4453)

Source

ALAS-2013-257

Amazon Linux AMI Security Advisory: ALAS-2013-257
Advisory Release Date: 2013-12-11 20:33 Pacific
Advisory Updated Date: 2014-09-16 22:09 Pacific

Severity: Medium

References: CVE-2012-4453 RHSA-2013-1674

Issue Overview:

It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information. (CVE-2012-4453)

Affected Packages:

dracut

Issue Correction:
Run yum update dracut to update your system.

New Packages:

noarch:
    dracut-tools-004-336.21.amzn1.noarch
    dracut-004-336.21.amzn1.noarch
    dracut-caps-004-336.21.amzn1.noarch
    dracut-kernel-004-336.21.amzn1.noarch
    dracut-fips-004-336.21.amzn1.noarch
    dracut-generic-004-336.21.amzn1.noarch
    dracut-fips-aesni-004-336.21.amzn1.noarch
    dracut-network-004-336.21.amzn1.noarch

src:
    dracut-004-336.21.amzn1.src

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2013-257

ALAS-2013-257

Vulmon Search

About

Products

Connect