Unrated severityNVD Advisory· Published Oct 9, 2012· Updated Apr 29, 2026

CVE-2012-4453

Description

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.

Affected products

Dracut Project/Dracut
cpe:2.3:a:dracut_project:dracut:*:*:*:*:*:*:*:*
Range: <024
Fedoraproject/Fedora2 versions
cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Desktop
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Workstation
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
rhn.redhat.com/errata/RHSA-2013-1674.htmlnvdThird Party Advisory
www.openwall.com/lists/oss-security/2012/09/27/3nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2012/09/27/4nvdMailing ListThird Party Advisory
www.openwall.com/lists/oss-security/2012/09/27/6nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/55713nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/79258nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000