cpe:/a:fedoraproject:dracut cpe:/o:fedoraproject:fedora:16 cpe:/o:fedoraproject:fedora:17 cpe:/o:redhat:enterprise_linux:6 CVE-2012-4453 2012-10-09T19:55:05.313-04:00 2017-08-28T21:32:17.587-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2012-10-10T15:05:00.000-04:00 BID 55713 REDHAT RHSA-2013:1674 MLIST [oss-security] 20120927 Re: dracut creates non-world readable initramfs images MLIST [oss-security] 20120927 Re: dracut creates world readable initramfs images MLIST [oss-security] 20120927 dracut creates non-world readable initramfs images XF dracut-initramfs-information-disclosure(79258) MISC http://git.kernel.org/?p=boot/dracut/dracut.git;a=commit;h=e1b48995c26c4f06d1a71 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=859448 dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.