← Back

CVE-2016-0764

nvd nist
Published: Jul 17, 2017Modified: May 13, 2026

JSON object

Loading...
6.2
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.5 / Impact: 3.6
Source: NVD

Description

Race condition in Network Manager before 1.0.12 as packaged in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows local users to obtain sensitive connection information by reading temporary files during ifcfg and keyfile changes.

Affected (1)

Redhat
1 product
Networkmanager
Configuration A
1 vulnerable · 4 platform
Vulnerable SoftwareAffected Versions
Networkmanager
Up to 1.0.8
Running on/withPlatform Versions
Redhat
Enterprise Linux Desktop
Version 7.0
Redhat
Enterprise Linux Hpc Node
Version 7.0
Redhat
Enterprise Linux Server
Version 7.0
Redhat
Enterprise Linux Workstation
Version 7.0

Related CWEs

CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (4)

Source: secalert@redhat.com
Third Party Advisory
Source: secalert@redhat.com
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking

Timeline

No history available yet.