rpm package
opensuse/rear&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rear&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23301 | Med | 5.5 | < 2.7-2.1 | 2.7-2.1 | Jan 12, 2024 | Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. |
- affected < 2.7-2.1fixed 2.7-2.1
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.