Back to bug 2064315
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2022-03-15 14:25:33 UTC | CC | security-response-team | |
| Guilherme de Almeida Suckevicz | 2022-03-15 14:27:21 UTC | Summary | EMBARGOED PackageKit: Information Disclosure in Transaction Interface via timing | EMBARGOED CVE-2022-0987 PackageKit: Information Disclosure in Transaction Interface via timing |
| Alias | CVE-2022-0987 | |||
| Guilherme de Almeida Suckevicz | 2022-03-15 14:27:38 UTC | Blocks | 2050422 | |
| Guilherme de Almeida Suckevicz | 2022-03-15 14:46:32 UTC | Blocks | 2064328 | |
| Guilherme de Almeida Suckevicz | 2022-03-15 16:15:20 UTC | Summary | EMBARGOED CVE-2022-0987 PackageKit: Information Disclosure in Transaction Interface via timing | CVE-2022-0987 PackageKit: Information Disclosure in Transaction Interface via timing |
| Group | qe_staff, security | |||
| CC | gnome-sig, jonathan, rdieter, smparrish | |||
| Guilherme de Almeida Suckevicz | 2022-03-15 16:15:32 UTC | Depends On | 2064361 | |
| Guilherme de Almeida Suckevicz | 2022-03-15 16:36:10 UTC | Depends On | 2064373, 2064372 | |
| Guilherme de Almeida Suckevicz | 2022-03-15 16:55:35 UTC | Doc Text | A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examine files, allowing a local user to know whether a file owned by root or other users exists by measuring the time these methods take to execute. | |
| Richard Hughes | 2022-03-16 12:32:02 UTC | Status | NEW | ASSIGNED |
| RaTasha Tillery-Smith | 2022-03-16 12:56:27 UTC | Doc Text | A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examine files, allowing a local user to know whether a file owned by root or other users exists by measuring the time these methods take to execute. | A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file is owned by root or if other users exist. |
| Guilherme de Almeida Suckevicz | 2022-03-16 13:03:42 UTC | Doc Text | A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file is owned by root or if other users exist. | A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists. |
| Richard Hughes | 2022-03-18 16:19:30 UTC | CC | matthias | |
| Red Hat Bugzilla | 2023-07-07 08:28:52 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody |
Back to bug 2064315