3 matches found
CVE-2022-31256
CVE-2022-31256 is a local privilege-escalation issue in the openSUSE/openSUSE Factory sendmail workflow. Affected component: a script invoked by the sendmail systemd service. Root cause: improper link resolution before file access ("link following") in that script allows a local attacker to escal...
CVE-2022-31251
CVE-2022-31251 affects openSUSE Factory Slurm packaging: an Incorrect Default Permissions vulnerability in the packaging of the Slurm testsuite allows a local attacker with control over the slurm user to escalate to root. The issue specifically impacts openSUSE Factory Slurm versions before 22.05...
CVE-2021-36781
CVE-2021-36781 affects openSUSE Factory’s parsec package (prior to 0.8.1-1.1). The root cause is mislabeled/incorrect default permissions, enabling a local attacker to imitate the parsec service and cause DoS or clients to talk to an imposter service. Public documents cite instance details such a...