Vulnerability Details : CVE-2024-23301
Potential exploit
Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root.
Products affected by CVE-2024-23301
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:15.0:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
- cpe:2.3:a:relax-and-recover:relax-and-recover:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2024-23301
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 26 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2024-23301
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST | 2024-01-22 |
References for CVE-2024-23301
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHKMPXJNXEJJE6EVYE5HM7EKEJFQMBN7/
[SECURITY] Fedora 38 Update: rear-2.7-8.fc38 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7JIN57LUPBI2GDJOK3PYXNHJTZT3AQTZ/
[SECURITY] Fedora 39 Update: rear-2.7-8.fc39 - package-announce - Fedora Mailing-Lists
-
https://lists.debian.org/debian-lts-announce/2024/02/msg00003.html
[SECURITY] [DLA 3733-1] rear security update
-
https://github.com/rear/rear/pull/3123
Make initrd accessible only by root by jsmeix · Pull Request #3123 · rear/rear · GitHubPatch;Vendor Advisory
-
https://github.com/rear/rear/issues/3122
ReaR creates world-readable initrd with GRUB_RESCUE=Y · Issue #3122 · rear/rear · GitHubExploit;Issue Tracking;Patch;Vendor Advisory
Jump to