Описание
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | rust-ssh-key-dir | Will not fix | ||
| Red Hat Enterprise Linux 9 | rust-afterburn | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | kata-containers | Affected | ||
| Red Hat OpenShift Container Platform 4 | rust-afterburn | Will not fix | ||
| Red Hat Trusted Profile Analyzer | rhtpa/rhtpa-trustification-service-rhel9 | Affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.
EPSS
7.1 High
CVSS3