Описание
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | PackageKit | Out of support scope | ||
| Red Hat Enterprise Linux 7 | PackageKit | Out of support scope | ||
| Red Hat Enterprise Linux 8 | PackageKit | Fix deferred | ||
| Red Hat Enterprise Linux 9 | PackageKit | Affected |
Показывать по
Дополнительная информация
Статус:
3.3 Low
CVSS3
Связанные уязвимости
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
A flaw was found in PackageKit in the way some of the methods exposed ...
A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists.
Уязвимость интерфейса транзакций пакетного менеджера PackageKit, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
3.3 Low
CVSS3