CVE-2012-6097

cronie 1.4.8 - Exposure of Sensitive Information via File Descriptor Leak

Title source: llm
STIX 2.1

Description

File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab.

References (4)

Core 4
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.novell.com/show_bug.cgi?id=786096
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:033
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=893661
Various Sources x_refsource_confirm
https://bugs.mageia.org/show_bug.cgi?id=8652

Scores

EPSS 0.0135
EPSS Percentile 68.2%

Details

CWE
CWE-200
Status published
Products (1)
fedorahosted/cronie 1.4.8
Published Apr 09, 2013
Tracked Since Feb 18, 2026