HIGH🇵🇱 Wersja polska

CVE-2022-31250

CVSS 7.1v3.1pub. 2022-07-20upd. 2024-11-21

A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. This issue affects: openSUSE Tumbleweed keylime versions prior to 6.4.2-1.1.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Opensuse Tumbleweed

    APP
    Opensuse
    < 6.4.2-1.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-28321CRITICAL9.8ten sam produkt

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. Th...

CVE-2021-25315CRITICAL9.8ten sam produkt

CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumblew...

CVE-2023-32183HIGH7.8ten sam produkt

Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users with access ...

CVE-2020-8026HIGH8.4ten sam produkt

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumblewe...

CVE-2025-62875MEDIUM6.9ten sam produkt

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash...