CVE-2022-27239
https://notcve.org/view.php?id=CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges. En cifs-utils versiones hasta 6.14, un desbordamiento del búfer en la región stack de la memoria cuando es analizado el argumento de línea de comandos mount.cifs ip= podría conllevar a que atacantes locales obtuvieran privilegios de root • http://wiki.robotz.com/index.php/Linux_CIFS_Utils_and_Samba https://bugzilla.samba.org/show_bug.cgi?id=15025 https://bugzilla.suse.com/show_bug.cgi?id=1197216 https://github.com/piastry/cifs-utils/pull/7 https://github.com/piastry/cifs-utils/pull/7/commits/955fb147e97a6a74e1aaa65766de91e2c1479765 https://lists.debian.org/debian-lts-announce/2022/05/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5WBOLMANBYJILXQKRRK7OCR774PXJAYY https://lists& • CWE-787: Out-of-bounds Write •
CVE-2020-8023 – Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
https://notcve.org/view.php?id=CVE-2020-8023
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. • https://bugzilla.suse.com/show_bug.cgi?id=1172698 • CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data •
CVE-2020-8022 – User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges
https://notcve.org/view.php?id=CVE-2020-8022
A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html https://bugzilla.suse.com/show_bug.cgi?id=1172405 https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be%40%3Cjava-dev.axis.apache.org%3E https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928%40%3Cjava-dev.axis.apache.org%3E https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1%40%3Cusers.tomcat.apache.org%3E https://lists.apache.org/thread.html/rf50d02409e5732 • CWE-276: Incorrect Default Permissions •
CVE-2018-17954 – crowbar provision leaks admin password to all nodes in cleartext
https://notcve.org/view.php?id=CVE-2018-17954
An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. • https://bugzilla.suse.com/show_bug.cgi?id=1117080 • CWE-269: Improper Privilege Management •
CVE-2019-3683 – keystone_json_assignment backend granted access to any project for users in user-project-map.json
https://notcve.org/view.php?id=CVE-2019-3683
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations. El paquete keystone-json-assignment en SUSE Openstack Cloud versión 8 antes del commit d7888c75505465490250c00cc0ef4bb1af662f9f, a cada usuario listado en el archivo /etc/keystone/user-project-map.json se le fue asignado el rol completo "member" para cada proyecto. Esto permitió a estos usuarios acceder, modificar, crear y eliminar recursos arbitrarios, contrariamente a lo esperado. • https://bugzilla.suse.com/show_bug.cgi?id=1124864 https://www.suse.com/security/cve/CVE-2019-3683 • CWE-732: Incorrect Permission Assignment for Critical Resource •