CVE-2012-4453 Information

Description

dracut.sh in dracut as used in Red Hat Enterprise Linux 6 Fedora 16 and 17 and possibly other products creates initramfs images with world-readable permissions which might allow local users to obtain sensitive information.

Reference

http://git.kernel.org/?p=boot/dracut/dracut.git;a=commit;h=e1b48995c26c4f06d1a71 http://rhn.redhat.com/errata/RHSA-2013-1674.html http://www.openwall.com/lists/oss-security/2012/09/27/3 http://www.openwall.com/lists/oss-security/2012/09/27/4 http://www.openwall.com/lists/oss-security/2012/09/27/6 http://www.securityfocus.com/bid/55713 https://bugzilla.redhat.com/show_bug.cgi?id=859448 https://exchange.xforce.ibmcloud.com/vulnerabilities/79258