Unrated severityNVD Advisory· Published Jan 24, 2020· Updated Sep 16, 2024
Local privilege escalation from user news to root in the packaging of inn
CVE-2019-3692
Description
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords3 versionspkg:rpm/opensuse/inn&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/inn&distro=openSUSE%20Tumbleweedpkg:rpm/suse/inn&distro=SUSE%20Package%20Hub%2015%20SP1
< 2.5.4-lp151.3.3.1+ 2 more
- (no CPE)range: < 2.5.4-lp151.3.3.1
- (no CPE)range: < 2.6.3-4.2
- (no CPE)range: < 2.5.4-bp151.4.3.1
- openSUSE/Factoryv5Range: inn
- Range: inn
Patches
Vulnerability mechanics
References
3- lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.htmlmitrevendor-advisoryx_refsource_SUSE
- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.