Vulnerability Details : CVE-2016-8637
A local information disclosure issue was found in dracut before 045 when generating initramfs images with world-readable permissions when 'early cpio' is used, such as when including microcode updates. Local attacker can use this to obtain sensitive information from these files, such as encryption keys or credentials.
Vulnerability category: Information leak
Products affected by CVE-2016-8637
- cpe:2.3:a:dracut_project:dracut:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-8637
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 19 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-8637
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | |
5.0
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N |
1.3
|
3.6
|
Red Hat, Inc. |
CWE ids for CVE-2016-8637
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Secondary)
-
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.Assigned by: secalert@redhat.com (Primary)
References for CVE-2016-8637
-
http://seclists.org/oss-sec/2016/q4/352
oss-sec: CVE-2016-8637: dracut creates world readble initramfs when early cpio is usedExploit;Mailing List;Third Party Advisory
-
https://github.com/dracutdevs/dracut/commit/0db98910a11c12a454eac4c8e86dc7a7bbc764a4
dracut.sh: create the initramfs non-world readable also if early cpio… · dracutdevs/dracut@0db9891 · GitHubPatch;Third Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8637
1392056 – (CVE-2016-8637) CVE-2016-8637 dracut: Local information disclosure of initramfs when early cpio is usedExploit;Issue Tracking;Third Party Advisory
-
http://www.securityfocus.com/bid/94128
Dracut CVE-2016-8637 Local Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
Jump to