Security Advisory

CVE-2024-2905

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-25 17:44:15

Last updated 2025-11-06 22:36:51

Assigner redhat

State PUBLISHED

Description

A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.

← Browse all CVEs View on cve.org ↗