Search criteria

2 vulnerabilities found for arm_installer by fedoraproject

CVE-2017-7496 (GCVE-0-2017-7496)

Vulnerability from nvd – Published: 2017-06-26 14:00 – Updated: 2024-08-05 16:04
VLAI
Summary
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Red Hat, Inc. fedora-arm-installer Affected: up to and including 1.99.16
Create a notification for this product.
Date Public
2017-06-12 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:11.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://pagure.io/arm-image-installer/pull-request/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fedora-arm-installer",
          "vendor": "Red Hat, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "up to and including 1.99.16"
            }
          ]
        }
      ],
      "datePublic": "2017-06-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-26T13:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://pagure.io/arm-image-installer/pull-request/10"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-7496",
    "datePublished": "2017-06-26T14:00:00.000Z",
    "dateReserved": "2017-04-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T16:04:11.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-7496 (GCVE-0-2017-7496)

Vulnerability from cvelistv5 – Published: 2017-06-26 14:00 – Updated: 2024-08-05 16:04
VLAI
Summary
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.
Severity
No CVSS data available.
CWE
Assigner
References
Impacted products
Vendor Product Version
Red Hat, Inc. fedora-arm-installer Affected: up to and including 1.99.16
Create a notification for this product.
Date Public
2017-06-12 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:11.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://pagure.io/arm-image-installer/pull-request/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fedora-arm-installer",
          "vendor": "Red Hat, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "up to and including 1.99.16"
            }
          ]
        }
      ],
      "datePublic": "2017-06-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-391",
              "description": "CWE-391",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-26T13:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://pagure.io/arm-image-installer/pull-request/10"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-7496",
    "datePublished": "2017-06-26T14:00:00.000Z",
    "dateReserved": "2017-04-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T16:04:11.869Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}