1. CVE-Search
  2. CVE-2017-7496
ID CVE-2017-7496
Summary fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.
References
Vulnerable Configurations
  • cpe:2.3:a:fedoraproject:arm_installer:*:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:arm_installer:*:*:*:*:*:*:*:*
CVSS
Base: 4.4 (as of 09-10-2019 - 23:29)
Impact:
Exploitability:
CWE CWE-755
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
refmap via4
confirm https://pagure.io/arm-image-installer/pull-request/10
Last major update 09-10-2019 - 23:29
Published 26-06-2017 - 14:29
Last modified 09-10-2019 - 23:29
Back to Top