Описание
A flaw was found in systemd-machined, a component of systemd. A local attacker can exploit a vulnerability related to how varlink interacts with the root namespace. This can lead to local privilege escalation, allowing the attacker to gain elevated access on the system.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 10 | rpm-ostree | Not affected | ||
| Red Hat Enterprise Linux 10 | systemd | Not affected | ||
| Red Hat Enterprise Linux 7 | systemd | Not affected | ||
| Red Hat Enterprise Linux 8 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 8 | systemd | Not affected | ||
| Red Hat Enterprise Linux 9 | NetworkManager | Not affected | ||
| Red Hat Enterprise Linux 9 | systemd | Not affected | ||
| Red Hat Hardened Images | systemd | Not affected | ||
| Red Hat OpenShift Container Platform 4 | NetworkManager | Not affected |
Показывать по
Дополнительная информация
Статус:
6.7 Medium
CVSS3
Связанные уязвимости
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
In systemd 259 before 260, there is local privilege escalation in syst ...
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
6.7 Medium
CVSS3