Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2023-30630

Published: April 13, 2023Last modified: September 29, 2023

Description

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.

Severity score breakdown

ParameterValue
Base score7.1
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
Integrity impactNONE
Availability impactHIGH
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSdmidecodeFixed (3.5-r0)
StreamdmidecodeNot affected (3.5-r1)

References

ON THIS PAGE