Vulnerability Description
Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Networkmanager | <= 1.0.8 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Hpc Node | 7.0 |
| Redhat | Enterprise Linux Server | 7.0 |
| Redhat | Enterprise Linux Workstation | 7.0 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2016-2581.htmlThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1324025Issue Tracking
- http://rhn.redhat.com/errata/RHSA-2016-2581.htmlThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1324025Issue Tracking
FAQ
What is CVE-2016-0764?
CVE-2016-0764 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux ...
How severe is CVE-2016-0764?
CVE-2016-0764 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-0764?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Networkmanager, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Hpc Node, Redhat Enterprise Linux Server, Redhat Enterprise Linux Workstation.