CVE-2025-9615
Networkmanager: networkmanager file access
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat OpenShift Container Platform 4Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2026:18142https://access.redhat.com/errata/RHSA-2026:18597https://access.redhat.com/security/cve/CVE-2025-9615https://bugzilla.redhat.com/show_bug.cgi?id=2391503https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1809https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2324https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2327