ELSA-2023-12298

Опубликовано: 27 апр. 2023

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2023-12298: cloud-init security update (IMPORTANT)

[22.1-6.0.4.el8_7.2]

Fix log file permissions [Orabug: 35302985]

[22.1-6.0.3.el8_7.2]

Fix CVE-2023-1786 [Orabug: 35302985]

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

cloud-init

22.1-6.0.4.el8_7.2

Oracle Linux x86_64

cloud-init

22.1-6.0.4.el8_7.2

Связанные CVE

CVE-2023-1786

Ссылки на источники

Связанные уязвимости

CVE-2023-1786

CVSS3: 5.5

ubuntu

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

CVE-2023-1786

CVSS3: 5.5

redhat

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

CVE-2023-1786

CVSS3: 5.5

nvd

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

CVE-2023-1786

CVSS3: 5.5

msrc

около 2 лет назад

Описание отсутствует

CVE-2023-1786

CVSS3: 5.5

debian

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 2 ...