Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-29800

Опубликовано: 27 апр. 2022
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a specific time between discovering and running the script. This flaw allows an attacker to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

Отчет

This issue does not affect Red Hat Enterprise Linux 6, 7, 8, and 9 as the networkd-dispatcher package is currently not provided in any of our supported products.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6networkd-dispatcherNot affected
Red Hat Enterprise Linux 7networkd-dispatcherNot affected
Red Hat Enterprise Linux 8networkd-dispatcherNot affected
Red Hat Enterprise Linux 9networkd-dispatcherNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-367
https://bugzilla.redhat.com/show_bug.cgi?id=2080001networkd-dispatcher: Time-of-check-time-of-use (TOCTOU) race condition

EPSS

Процентиль: 48%
0.00254
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-29800

CVSS3: 4.7
ubuntu
больше 3 лет назад

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

nvd логотип

CVE-2022-29800

CVSS3: 4.7
nvd
больше 3 лет назад

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

debian логотип

CVE-2022-29800

CVSS3: 4.7
debian
больше 3 лет назад

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was ...

github логотип

GHSA-37cj-9g83-7692

CVSS3: 4.7
github
больше 3 лет назад

A time-of-check-time-of-use (TOCTOU) race condition vulnerability was found in networkd-dispatcher. This flaw exists because there is a certain time between the scripts being discovered and them being run. An attacker can abuse this vulnerability to replace scripts that networkd-dispatcher believes to be owned by root with ones that are not.

EPSS

Процентиль: 48%
0.00254
Низкий

4.7 Medium

CVSS3