exploitDog

CVE-2019-15325

Опубликовано: 22 авг. 2019

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not.

Ссылки

https://github.com/GalliumOS/galliumos-distro/issues/514
Third Party Advisory
https://www.kernel.org/doc/Documentation/security/Yama.txt
Third Party Advisory
https://github.com/GalliumOS/galliumos-distro/issues/514
Third Party Advisory
https://www.kernel.org/doc/Documentation/security/Yama.txt
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:galliumos:galliumos:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00237

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-q9qm-mg3c-p65c

CVSS3: 7.5

github

больше 3 лет назад

In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not.

EPSS

Процентиль: 46%

0.00237

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo