A vulnerability has been identified in rpm-ostree, where /etc/shadow file in a default build has the world-readable bit enabled. It is due to higher permissions enabled by default than recommended. https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6 https://issues.redhat.com/browse/OCPBUGS-30732
Created rpm-ostree tracking bugs for this issue: Affects: fedora-all [bug 2274140]
FEDORA-2024-4afd3d38ae (rpm-ostree-2024.4-6.fc39) has been pushed to the Fedora 39 stable repository. If problem still persists, please make note of it in this bug report.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:3401 https://access.redhat.com/errata/RHSA-2024:3401