Unrated severityNVD Advisory· Published Jan 23, 2020· Updated Sep 16, 2024
Local privilege escalation from user munge to root
CVE-2019-3691
Description
A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords5 versionspkg:rpm/opensuse/munge&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/munge&distro=openSUSE%20Tumbleweedpkg:rpm/suse/munge&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2012pkg:rpm/suse/munge&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015pkg:rpm/suse/munge&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP1
< 0.5.13-lp151.4.3.1+ 4 more
- (no CPE)range: < 0.5.13-lp151.4.3.1
- (no CPE)range: < 0.5.14-2.6
- (no CPE)range: < 0.5.14-3.6.1
- (no CPE)range: < 0.5.13-4.3.1
- (no CPE)range: < 0.5.13-4.3.1
- openSUSE/Factoryv5Range: munge
- Range: munge
Patches
Vulnerability mechanics
References
1- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.