13 matches found
SUSE CVE-2022-31252
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...
CVE-2022-31252
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...
CVE-2022-31252
CVE-2022-31252 describes an Incorrect Authorization in chkstat where group-writable path components aren’t checked, allowing local attackers with group write access to influence path resolution for a privileged binary. Affected: SLES 12-SP5 (permissions versions prior to 20170707); openSUSE Leap ...
SUSE: Security Advisory (SUSE-SU-2022:3382-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:3394-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for permissions (SUSE-SU-2022:3394-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:3394-1 Security update for permissions
This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths bsc1203018...
SUSE-SU-2022:3382-1 Security update for permissions
This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths bsc1203018. - Add capability for prometheus-blackboxexporter bsc1191194. - Make btmp root:utmp bsc1050467...
SUSE: Security Advisory (SUSE-SU-2022:3353-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for permissions (SUSE-SU-2022:3353-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:3353-1 Security update for permissions
This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths bsc1203018...
OPENSUSE-SU-2022:10128-1 Security update for permissions
This update for permissions fixes the following issues: Update to version 20200127: chkstat: also consider group controlled paths boo1203018, CVE-2022-31252...
CVE-2022-31252
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the...