Lucene search
K
SuseCaas Platform

7 matches found

CVE
CVE
added 2026/04/22 8:15 a.m.832 views

CVE-2026-31431

CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...

7.8CVSS5.6AI score0.96267EPSS
In wild
CVE
CVE
added 2018/01/03 6:0 a.m.548 views

CVE-2017-18017

CVE-2017-18017 affects the Linux kernel’s tcpmss_mangle_packet in net/netfilter/xt_TCPMSS.c. When xt_TCPMSS is used in an iptables action, a remote attacker can trigger a use-after-free and memory corruption, leading to a denial of service. Affected versions are Linux kernel before 4.11, and 4.9....

10CVSS9.5AI score0.52841EPSS
CVE
CVE
added 2018/08/10 3:0 p.m.309 views

CVE-2018-6556

CVE-2018-6556 affects lxc-user-nic where, when asked to delete a network interface, the code unconditionally opens a user-supplied path. This can let an unprivileged user infer the existence of a path they should not reach and may trigger side effects by opening (read-only) kernel files such as /...

3.3CVSS3.9AI score0.00347EPSS
CVE
CVE
added 2022/04/27 12:0 a.m.182 views

CVE-2022-27239

CVE-2022-27239 affects cifs-utils up to version 6.14, due to a stack-based buffer overflow when parsing the mount.cifs ip= argument, enabling local attackers to gain root privileges. A patched version is available (e.g., cifs-utils 6.14-2 and later per advisories). Remediation is to update to a f...

7.8CVSS7.7AI score0.00562EPSS
CVE
CVE
added 2020/01/17 8:30 a.m.64 views

CVE-2019-3682

The CVE-2019-3682 entry affects the docker-kubic package in SUSE CaaS Platform 3.0, specifically before 17.09.1_ce-7.6.1. The issue allows access to an insecure API locally on the Kubernetes master node, exposing the system to high-impact confidentiality, integrity, and availability risks (CVSSv3...

8.4CVSS7.8AI score0.0031EPSS
CVE
CVE
added 2021/02/11 4:0 p.m.50 views

CVE-2020-8029

The CVE-2020-8029 entry concerns SUSE CaaS Platform 4.5 where the skuba component permits an Incorrect Permission Assignment for a Critical Resource, enabling local attackers to access the kublet key. Affected versions are skuba prior to the patch referenced by SUSE’s pull request #1416 (https://...

4CVSS4.1AI score0.00291EPSS
CVE
CVE
added 2021/02/11 4:0 p.m.50 views

CVE-2020-8030

CVE-2020-8030 affects SUSE CaaS Platform 4.5, specifically the scuba/skuba join workflow that uses insecure temporary files in /tmp. The root cause is insecure handling of temporary files, enabling a local attacker to leak the bootstrapToken or modify the configuration file before it is processed...

4.4CVSS4.3AI score0.00241EPSS