Unrated severityNVD Advisory· Published May 4, 2020· Updated Sep 16, 2024

User owned /etc in SLES15-SP1-CHOST-BYOS

CVE-2020-8018

Description

A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions;

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

SUSE S.A./SLES15-SP1-CHOST-BYOSllm-create
Range: <1.0.3
SUSE S.A./SLES15-SP1-CAP-Deployment-BYOSllm-create
Range: <=1.0.1
Novell/Suse Linux Enterprise Serverllm-fuzzy
SUSE S.A./Linux Enterprise Servercpe-rescue
Range: SLES15-SP1-CHOST-BYOS

Patches

Vulnerability mechanics

References

bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000