A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local malicious user to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat coreos-installer |