CVE-2019-13178

Опубликовано: 02 июл. 2019

Источник: debian

EPSS Низкий

Описание

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
calamares	fixed	3.2.11-1		package

Примечания

https://github.com/calamares/calamares/issues/1190
Fixed by: https://github.com/calamares/calamares/commit/c9b675cbc64ac5aab35ddd86a64311abd50f7720
Negligible security impact, Debian live media grant a sudo root shell anyway

EPSS

Процентиль: 83%

0.01971

Низкий

Связанные уязвимости

CVE-2019-13178

CVSS3: 8.1

ubuntu

больше 6 лет назад

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.

CVE-2019-13178

CVSS3: 8.1

nvd

больше 6 лет назад

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.

openSUSE-SU-2019:2628-1

suse-cvrf

около 6 лет назад

Security update for calamares

GHSA-j52x-jwvh-c5gg

CVSS3: 8.1

github

больше 3 лет назад

modules/luksbootkeyfile/main.py in Calamares through 3.2.4 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.

EPSS

Процентиль: 83%

0.01971

Низкий