Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2025-9615

Опубликовано: 12 дек. 2025
Источник: redhat
CVSS3: 3.3

Описание

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

Меры по смягчению последствий

SELinux is shipped out of the box in targeted enforcing mode, which prevents processes from having unwanted permissions and mitigates this attack.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10NetworkManagerAffected
Red Hat Enterprise Linux 6NetworkManagerOut of support scope
Red Hat Enterprise Linux 7NetworkManagerFix deferred
Red Hat Enterprise Linux 8NetworkManagerFix deferred
Red Hat Enterprise Linux 9NetworkManagerAffected
Red Hat OpenShift Container Platform 4NetworkManagerAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-281
https://bugzilla.redhat.com/show_bug.cgi?id=2391503NetworkManager: NetworkManager File Access

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2025-9615

CVSS3: 3.3
ubuntu
2 месяца назад

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

nvd логотип

CVE-2025-9615

CVSS3: 3.3
nvd
2 месяца назад

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

debian логотип

CVE-2025-9615

CVSS3: 3.3
debian
2 месяца назад

A flaw was found in NetworkManager. The NetworkManager package allows ...

redos логотип

ROS-20260327-73-0011

redos
4 дня назад

Уязвимость NetworkManager

github логотип

GHSA-w24g-6mf8-65cj

CVSS3: 3.3
github
2 месяца назад

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

3.3 Low

CVSS3