Unrated severityNVD Advisory· Published May 13, 2019· Updated Sep 17, 2024

susemanager installer creates world-readable swap files

CVE-2019-3684

Description

SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have btrfs as filesystem

Affected products

osv-coords20 versions
pkg:rpm/suse/cobbler&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/py26-compat-salt&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/rhncfg&distro=SUSE%20Manager%20Proxy%203.2 pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%203.2 pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Proxy%203.2 pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/spacewalk-config&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/spacewalk-proxy&distro=SUSE%20Manager%20Proxy%203.2 pkg:rpm/suse/spacewalk-proxy-installer&distro=SUSE%20Manager%20Proxy%203.2 pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%203.2 pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%203.2 pkg:rpm/suse/zypp-plugin-spacewalk&distro=SUSE%20Manager%20Proxy%203.2
< 2.6.6-6.19.1+ 19 more
- (no CPE)range: < 2.6.6-6.19.1
- (no CPE)range: < 2016.11.10-6.26.1
- (no CPE)range: < 5.10.122.3-3.3.1
- (no CPE)range: < 0.16.0-4.11.1
- (no CPE)range: < 2.8.57.16-3.30.1
- (no CPE)range: < 2.8.57.16-3.30.1
- (no CPE)range: < 2.8.8.10-3.11.1
- (no CPE)range: < 2.8.8.10-3.11.1
- (no CPE)range: < 2.8.5.7-3.16.1
- (no CPE)range: < 2.8.78.22-3.32.1
- (no CPE)range: < 2.8.5.5-3.6.2
- (no CPE)range: < 2.8.6.6-3.12.1
- (no CPE)range: < 2.8.7.16-3.27.1
- (no CPE)range: < 2.8.7.16-3.27.1
- (no CPE)range: < 3.2.18-3.25.2
- (no CPE)range: < 3.2-11.26.1
- (no CPE)range: < 3.2.19-3.25.1
- (no CPE)range: < 3.2.25-3.29.1
- (no CPE)range: < 3.2.15-3.23.1
- (no CPE)range: < 1.0.5-3.7.1
SUSE/SUSE Managerv5
Range: unspecified
Uyuni/Uyuniv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.suse.com/show_bug.cgimitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000