Vulnerabilities > CVE-2019-15325 - Unspecified vulnerability in Galliumos 3.0

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

galliumos

NVD

Published: 2019-08-22

Updated: 2020-08-24

Summary

In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not.

Vulnerable Configurations

Part	Description	Count
OS	Galliumos Galliumos Galliumos 3.0	1

References

https://github.com/GalliumOS/galliumos-distro/issues/514
https://www.kernel.org/doc/Documentation/security/Yama.txt