rpm package
suse/rear23a&distro=SUSE Linux Enterprise High Availability Extension 15 SP4
pkg:rpm/suse/rear23a&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-23301 | Med | 5.5 | < 2.3.a-150300.21.3.1 | 2.3.a-150300.21.3.1 | Jan 12, 2024 | Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. |
- affected < 2.3.a-150300.21.3.1fixed 2.3.a-150300.21.3.1
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.