2 matches found
SUSE-SU-2026:0907-1 Security update for kea
This update for kea fixes the following issues: Update to release 2.6.3 bsc1243240: - CVE-2025-32801: Loading a malicious hook library can lead to local privilege escalation. - CVE-2025-32802: Insecure handling of file paths allows multiple local attacks. - CVE-2025-32803: Insecure file permissio...
kea: Insecure handling of file paths allows multiple local attacks
A vulnerability was found in the Kea package. If an attacker has access to a local user account and the Kea API entry points are not secured, the attacker may use the API to modify Kea's configuration files or overwrite any system's file which a Kea running user has write access. This may be...