rpm package
opensuse/dracut&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/dracut&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-6893 | Hig | 7.5 | < 110+suse.35.g9834432-1.1 | 110+suse.35.g9834432-1.1 | Jun 10, 2026 | A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are imp | |
| CVE-2016-8637 | Med | 5.0 | < 044-17.1 | 044-17.1 | Aug 1, 2018 | A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, | |
| CVE-2012-4453 | — | < 044-17.1 | 044-17.1 | Oct 9, 2012 | dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information. |
- affected < 110+suse.35.g9834432-1.1fixed 110+suse.35.g9834432-1.1
A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are imp
- affected < 044-17.1fixed 044-17.1
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files,
- CVE-2012-4453Oct 9, 2012affected < 044-17.1fixed 044-17.1
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.