CVE-2022-31252
CVE-2022-31252 describes an Incorrect Authorization in chkstat where group-writable path components aren’t checked, allowing local attackers with group write access to influence path resolution for a privileged binary. Affected: SLES 12-SP5 (permissions versions prior to 20170707); openSUSE Leap ...