Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
History

Tue, 26 Nov 2024 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 26 Nov 2024 07:45:00 +0000

Type Values Removed Values Added
Description Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
Weaknesses CWE-732
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2024-11-26T07:37:14.737Z

Updated: 2024-11-26T14:09:24.903Z

Reserved: 2024-05-22T09:00:18.956Z

Link: CVE-2024-28955

cve-icon Vulnrichment

Updated: 2024-11-26T14:03:38.008Z

cve-icon NVD

Status : Received

Published: 2024-11-26T08:15:05.043

Modified: 2024-11-26T08:15:05.043

Link: CVE-2024-28955

cve-icon Redhat

No data.