CVE-2014-0246
Published: 29 May 2014
SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive.
Notes
Author | Note |
---|---|
tyhicks | Fixed upstream in the 3.2 release |
Priority
Status
Package | Release | Status |
---|---|---|
sosreport Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
|
precise |
Does not exist
|
|
trusty |
Released
(3.4-1~ubuntu14.04.1)
|
|
upstream |
Released
(3.2)
|
|
vivid |
Not vulnerable
(3.2-2)
|
|
wily |
Not vulnerable
|
|
xenial |
Not vulnerable
|
|
yakkety |
Not vulnerable
|
|
zesty |
Not vulnerable
|
|
Patches: upstream: https://github.com/sosreport/sos/commit/5447facd2edd3b3e5f1d3ad736b411f8e6406077 upstream: https://github.com/sosreport/sos/commit/23182c4f13fbadc9b7c2ab75c1ca249d5ba987d1 upstream: https://github.com/sosreport/sos/commit/6501013bb780161e941f5e078a6ed7052f670a51 upstream: https://github.com/sosreport/sos/commit/d335f4f09d033008cb6485d2cd8ca371a974d700 |