Описание
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.
A flaw was found in stalld package. The affected versions of stalld allow local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | stalld | Fix deferred | ||
| Red Hat Enterprise Linux 8 | stalld | Fix deferred | ||
| Red Hat Enterprise Linux 9 | stalld | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | rhcos | Fix deferred |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-61
https://bugzilla.redhat.com/show_bug.cgi?id=2329574stalld: denial of service
EPSS
Процентиль: 7%
0.00028
Низкий
4.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 4.1
nvd
около 1 года назад
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.
CVSS3: 4.1
github
около 1 года назад
stalld through 1.19.7 allows local users to cause a denial of service (file overwrite) via a /tmp/rtthrottle symlink attack.
EPSS
Процентиль: 7%
0.00028
Низкий
4.1 Medium
CVSS3