Lucene search
SuseOPENSUSE-SU-2022:10187-1HistoryNov 02, 2022 - 12:00 a.m.
Security update for EternalTerminal (important)
2022-11-0200:00:00
lists.opensuse.org
9
eternalterminal
security update
vulnerabilities
privilege escalation
dos
patch
suse
opensuse
race condition
ssh authorization socket
remote attack
0.003 Low
EPSS
Percentile
68.4%
An update that fixes four vulnerabilities is now available.
Description:
This update for EternalTerminal fixes the following issues:
Update to 6.2.1:
- CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC
socket (boo#1202435) - CVE-2022-24950: Fixed privilege escalation to root (boo#1202434)
- CVE-2022-24951: Fixed DoS triggered remotely by invalid sequence numbers
(boo#1202433) - CVE-2022-24952: Fixed race condition allows authenticated attacker to
hijack other users’ SSH authorization socket (boo#1202432)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10187=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Backports SLE | 15-SP3 | aarch64 | - opensuse backports sle | < 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.aarch64.rpm |
| openSUSE Backports SLE | 15-SP3 | x86_64 | - opensuse backports sle | < 15-SP3 (aarch64 x86_64): | - openSUSE Backports SLE-15-SP3 (aarch64 x86_64):.x86_64.rpm |
Related
nessus
nessus
openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2022:10185-1)
2022-11-03 00:00:00
openSUSE 15 Security Update : EternalTerminal (openSUSE-SU-2022:10187-1)
2022-11-03 00:00:00
suse
suse
Security update for EternalTerminal (important)
2022-11-02 00:00:00
cve
cve
nvd
nvd
osv
osv
prion
prion
Denial of service
2022-08-16 01:15:00
Race condition
2022-08-16 01:15:00
Race condition
2022-08-16 01:15:00
cvelist
cvelist