Vulnerability - CVE-2010-4176

Name

CVE-2010-4176

Source

NVD ( link)Debian ( link)

Description

plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.

CWEs

CWE-276

Published Date

Dec 7, 2010

Updated Date

Jun 16, 2026

Workaround

Advisories

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051755.htmlMailing List

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051418.htmlMailing List

http://secunia.com/advisories/42342Not Applicable

http://secunia.com/advisories/42451Not Applicable

http://www.securityfocus.com/bid/45046VDB Entry

http://www.vupen.com/english/advisories/2010/3062Permissions Required

http://www.vupen.com/english/advisories/2010/3110Permissions Required

https://bugzilla.redhat.com/show_bug.cgi?id=654489Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=654935Issue Tracking

http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051755.htmlMailing List

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051418.htmlMailing List

http://secunia.com/advisories/42342Not Applicable

http://secunia.com/advisories/42451Not Applicable

http://www.securityfocus.com/bid/45046VDB Entry

http://www.vupen.com/english/advisories/2010/3062Permissions Required

http://www.vupen.com/english/advisories/2010/3110Permissions Required

https://bugzilla.redhat.com/show_bug.cgi?id=654489Issue Tracking

https://bugzilla.redhat.com/show_bug.cgi?id=654935Issue Tracking

Analysis#

Affected Component

Analysis

dracut

False Positive

Vulnerability Rating#

CVSSv2

Others affected components#

Name

Project

Project Version

Version

Status

dracut

yocto

kirkstone

056

Not Affected

dracut

yocto

master

111

False Positive