Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
Description
An "Acceptance of Extraneous Untrusted Data With Trusted Data" vulnerability in the start script of openldap2 allows local attackers to escalate privileges from user ldap to root. Affected products: SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2.

This issue affects the following package versions:
- SUSE Enterprise Storage 5: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Debuginfo 11-SP3: openldap2 versions prior to 2.4.26-0.74.13.1
- SUSE Linux Enterprise Debuginfo 11-SP4: openldap2 versions prior to 2.4.26-0.74.13.1
- SUSE Linux Enterprise Point of Sale 11-SP3: openldap2 versions prior to 2.4.26-0.74.13.1
- SUSE Linux Enterprise Server 11-SECURITY: openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1
- SUSE Linux Enterprise Server 11-SP4-LTSS: openldap2 versions prior to 2.4.26-0.74.13.1
- SUSE Linux Enterprise Server 12-SP2-BCL: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server 12-SP2-LTSS: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server 12-SP3-BCL: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server 12-SP3-LTSS: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server 12-SP4: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server 12-SP5: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server 15-LTSS: openldap2 versions prior to 2.4.46-9.31.1
- SUSE Linux Enterprise Server for SAP 12-SP2: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server for SAP 12-SP3: openldap2 versions prior to 2.4.41-18.71.2
- SUSE Linux Enterprise Server for SAP 15: openldap2 versions prior to 2.4.46-9.31.1
- SUSE OpenStack Cloud 7: openldap2 versions prior to 2.4.41-18.71.2
- SUSE OpenStack Cloud 8: openldap2 versions prior to 2.4.41-18.71.2
- SUSE OpenStack Cloud Crowbar 8: openldap2 versions prior to 2.4.41-18.71.2
- openSUSE Leap 15.1: openldap2 versions prior to 2.4.46-lp151.10.12.1
- openSUSE Leap 15.2: openldap2 versions prior to 2.4.46-lp152.14.3.1
Affected products
- Range: < 2.4.46-9.31.1 (SLES 15-LTSS, SAP 15); < 2.4.46-lp151.10.12.1 (openSUSE Leap 15.1); < 2.4.46-lp152.14.3.1 (openSUSE Leap 15.2); < 2.4.41-18.71.2 (other SLES/SLED/OpenStack/HPE 12/7/8); < 2.4.26-0.74.13.1 (SLES 11-SP3/4, POS 11-SP3, SLED 11-SP3/4); < 2.4.26-0.74.13.1 (SLES 11-SECURITY, openldap2-client-openssl1)
- OSV package coordinates (35 entries) with their affected version ranges (ranges listed in the same order as the coordinates in the OSV data):
  - pkg:rpm/opensuse/openldap2&distro=openSUSE%20Leap%2015.1 (range: < 2.4.46-lp151.10.12.1)
  - pkg:rpm/opensuse/openldap2&distro=openSUSE%20Leap%2015.2 (range: < 2.4.46-lp152.14.3.1)
  - pkg:rpm/suse/openldap2-client&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 (range: < 2.4.26-0.74.13.1)
  - pkg:rpm/suse/openldap2-client&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS (range: < 2.4.26-0.74.13.1)
  - pkg:rpm/suse/openldap2-client-openssl1&distro=SUSE%20Linux%20Enterprise%20Server%2011-SECURITY (range: < 2.4.26-0.74.13.1)
  - pkg:rpm/suse/openldap2&distro=HPE%20Helion%20OpenStack%208 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Enterprise%20Storage%205 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2012 (range: < 2.4.41-18.24.20.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP1 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP2 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 (range: < 2.4.26-0.74.13.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS (range: < 2.4.26-0.74.13.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-LTSS (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 (range: < 2.4.41-18.24.20.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3 (range: < 2.4.41-18.24.20.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4 (range: < 2.4.41-18.24.20.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (range: < 2.4.41-18.24.20.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015 (range: < 2.4.46-9.31.1)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20OpenStack%20Cloud%207 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20OpenStack%20Cloud%208 (range: < 2.4.41-18.71.2)
  - pkg:rpm/suse/openldap2&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208 (range: < 2.4.41-18.71.2)
- CVE record affected entries (19 entries; vendor and product names were captured only for the two openSUSE entries):
  - openSUSE / openSUSE Leap 15.1: openldap2
  - openSUSE / openSUSE Leap 15.2: openldap2
  - openldap2-client-openssl1 (1 entry)
  - openldap2 (16 further entries)
Patches
Update to the first unaffected package version for the product in question, as given by the ranges above: openldap2 2.4.26-0.74.13.1 (and openldap2-client-openssl1 2.4.26-0.74.13.1 on SUSE Linux Enterprise Server 11-SECURITY) for the SUSE Linux Enterprise 11 family, 2.4.41-18.71.2 for the SUSE Linux Enterprise 12 family, SUSE Enterprise Storage 5 and the OpenStack Cloud products (2.4.41-18.24.20.2 where the OSV data lists that build), 2.4.46-9.31.1 for the SUSE Linux Enterprise 15 family, 2.4.46-lp151.10.12.1 for openSUSE Leap 15.1 and 2.4.46-lp152.14.3.1 for openSUSE Leap 15.2.
Vulnerability mechanics
The weakness class is Acceptance of Extraneous Untrusted Data With Trusted Data (CWE-349). The flaw lies in the openldap2 start script when the configuration backend is set to OPENLDAP_CONFIG_BACKEND=ldap: the script, which runs with root privileges, processes data that the unprivileged ldap service user can influence together with trusted data, so a local attacker who already controls the ldap user can gain root. Installations that do not use OPENLDAP_CONFIG_BACKEND=ldap are outside the condition named in the title; the fix is the package update.
References
- bugzilla.suse.com/show_bug.cgi (MITRE reference tag: x_refsource_CONFIRM)