ELSA-2023-12299

Опубликовано: 27 апр. 2023

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2023-12299: cloud-init security update (IMPORTANT)

[22.1-7.0.3.el9_1]

Fix log file permission [Orabug: 35302969]

[22.1-7.0.2.el9_1]

Fix CVE-2023-1786 [Orabug: 35302969]

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

cloud-init

22.1-7.0.3.el9_1

Oracle Linux x86_64

cloud-init

22.1-7.0.3.el9_1

Связанные CVE

CVE-2023-1786

Ссылки на источники

Связанные уязвимости

CVE-2023-1786

CVSS3: 5.5

ubuntu

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

CVE-2023-1786

CVSS3: 5.5

redhat

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

CVE-2023-1786

CVSS3: 5.5

nvd

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

CVE-2023-1786

CVSS3: 5.5

msrc

около 2 лет назад

Описание отсутствует

CVE-2023-1786

CVSS3: 5.5

debian

около 2 лет назад

Sensitive data could be exposed in logs of cloud-init before version 2 ...