CVE-2008-4996

ADVISORY - nist

Summary

init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via a symlink attack on the /tmp/initramfs.debug temporary file. NOTE: the vendor disputes this vulnerability, stating that "init is [used in] a single-user context; there's no possibility that this is exploitable.

EPSS Score⁠: 0.00108 (0.291)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-59⁠

Improper Link Resolution Before File Access ('Link Following')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.