发布于3月6日3月6日 Members Alma Linux: CVE-2024-6126: Low: cockpit security update (ALSA-2024-9325) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/03/2024 Created 11/21/2024 Added 11/19/2024 Modified 11/19/2024 Description A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack. Solution(s) alma-upgrade-cockpit alma-upgrade-cockpit-bridge alma-upgrade-cockpit-doc alma-upgrade-cockpit-packagekit alma-upgrade-cockpit-pcp alma-upgrade-cockpit-storaged alma-upgrade-cockpit-system alma-upgrade-cockpit-ws References https://attackerkb.com/topics/cve-2024-6126 CVE - 2024-6126 https://errata.almalinux.org/9/ALSA-2024-9325.html
