Information disclosure in Gentoo Linux

CVE-2007-6249

etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for the merge file, often resulting in permissions weaker than those of the original files, which might allow local users to obtain sensitive info…

Vulnerability class: Information Disclosure

EPSS: 0.004 (34.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References