Incorrect Default Permissions
CVE-2012-4453
Summary
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
- LOW
- LOCAL
- NONE
- NONE
- PARTIAL
- NONE
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published
