CVE Published: 25/04/2024 |
CVE Updated: 24/11/2024 |
CVE Year: 2024 Source: redhat |
Vendor: Red Hat |
Product: Red Hat Enterprise Linux 9 Status : PUBLISHED
CVE-2024-2905 Description
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.