CVE-2024-23301 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-23301 Interim 1 17 2025-06-05T00:04:07Z current 2024-01-14T00:08:47Z 2025-06-05T00:04:07Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-23301 Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2024-January/017682.html E-Mail link for SUSE-SU-2024:0135-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017685.html E-Mail link for SUSE-SU-2024:0148-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017745.html E-Mail link for SUSE-SU-2024:0190-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017764.html E-Mail link for SUSE-SU-2024:0239-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017772.html E-Mail link for SUSE-SU-2024:0247-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017766.html E-Mail link for SUSE-SU-2024:0253-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017832.html E-Mail link for SUSE-SU-2024:0291-1 https://lists.suse.com/pipermail/sle-security-updates/2024-January/017831.html E-Mail link for SUSE-SU-2024:0292-1 https://lists.suse.com/pipermail/sle-security-updates/2024-February/018062.html E-Mail link for SUSE-SU-2024:0657-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 8 SUSE Liberty Linux 9 SUSE Linux Enterprise High Availability Extension 12 SP5 SUSE Linux Enterprise High Availability Extension 15 SP1 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Availability Extension 15 SP5 SUSE Linux Enterprise High Availability Extension 15 SP6 SUSE Linux Enterprise High Availability Extension 15 SP7 openSUSE Leap 15.5 openSUSE Tumbleweed rear-2.6-11.el8_9 rear-2.6-21.el9_3 rear-2.7-2.1 rear116-1.16-15.3.1 rear1172a-1.17.2.a-5.3.1 rear118a-1.18.a-9.3.1 rear23a-2.3.a-150000.9.9.1 rear23a-2.3.a-150300.21.3.1 rear23a-2.3.a-3.9.1 rear27a-2.7-150200.5.6.1 rear27a-2.7-150500.3.3.1 rear27a-2.7-8.6.1 rear-2.6-11.el8_9 as a component of SUSE Liberty Linux 8 rear-2.6-21.el9_3 as a component of SUSE Liberty Linux 9 rear116-1.16-15.3.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 rear1172a-1.17.2.a-5.3.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 rear118a-1.18.a-9.3.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 rear23a-2.3.a-3.9.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 rear27a-2.7-8.6.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP5 rear23a-2.3.a-150000.9.9.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP1 rear23a-2.3.a-150000.9.9.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 rear27a-2.7-150200.5.6.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 rear23a-2.3.a-150300.21.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 rear27a-2.7-150200.5.6.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 rear23a-2.3.a-150300.21.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 rear27a-2.7-150200.5.6.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 rear23a-2.3.a-150300.21.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP5 rear27a-2.7-150500.3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP5 rear23a-2.3.a-150300.21.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP6 rear27a-2.7-150500.3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP6 rear23a-2.3.a-150300.21.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP7 rear27a-2.7-150500.3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP7 rear23a-2.3.a-150300.21.3.1 as a component of openSUSE Leap 15.5 rear27a-2.7-150500.3.3.1 as a component of openSUSE Leap 15.5 rear-2.7-2.1 as a component of openSUSE Tumbleweed Relax-and-Recover (aka ReaR) through 2.7 creates a world-readable initrd when using GRUB_RESCUE=y. This allows local attackers to gain access to system secrets otherwise only readable by root. CVE-2024-23301 SUSE Liberty Linux 8:rear-2.6-11.el8_9 SUSE Liberty Linux 9:rear-2.6-21.el9_3 SUSE Linux Enterprise High Availability Extension 12 SP5:rear116-1.16-15.3.1 SUSE Linux Enterprise High Availability Extension 12 SP5:rear1172a-1.17.2.a-5.3.1 SUSE Linux Enterprise High Availability Extension 12 SP5:rear118a-1.18.a-9.3.1 SUSE Linux Enterprise High Availability Extension 12 SP5:rear23a-2.3.a-3.9.1 SUSE Linux Enterprise High Availability Extension 12 SP5:rear27a-2.7-8.6.1 SUSE Linux Enterprise High Availability Extension 15 SP1:rear23a-2.3.a-150000.9.9.1 SUSE Linux Enterprise High Availability Extension 15 SP2:rear23a-2.3.a-150000.9.9.1 SUSE Linux Enterprise High Availability Extension 15 SP2:rear27a-2.7-150200.5.6.1 SUSE Linux Enterprise High Availability Extension 15 SP3:rear23a-2.3.a-150300.21.3.1 SUSE Linux Enterprise High Availability Extension 15 SP3:rear27a-2.7-150200.5.6.1 SUSE Linux Enterprise High Availability Extension 15 SP4:rear23a-2.3.a-150300.21.3.1 SUSE Linux Enterprise High Availability Extension 15 SP4:rear27a-2.7-150200.5.6.1 SUSE Linux Enterprise High Availability Extension 15 SP5:rear23a-2.3.a-150300.21.3.1 SUSE Linux Enterprise High Availability Extension 15 SP5:rear27a-2.7-150500.3.3.1 SUSE Linux Enterprise High Availability Extension 15 SP6:rear23a-2.3.a-150300.21.3.1 SUSE Linux Enterprise High Availability Extension 15 SP6:rear27a-2.7-150500.3.3.1 SUSE Linux Enterprise High Availability Extension 15 SP7:rear23a-2.3.a-150300.21.3.1 SUSE Linux Enterprise High Availability Extension 15 SP7:rear27a-2.7-150500.3.3.1 openSUSE Leap 15.5:rear23a-2.3.a-150300.21.3.1 openSUSE Leap 15.5:rear27a-2.7-150500.3.3.1 openSUSE Tumbleweed:rear-2.7-2.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H