cve-2019-3688
Vulnerability from cvelistv5
Published
2019-10-07 14:00
Modified
2024-09-16 23:01
Severity ?
EPSS score ?
Summary
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker who had compromised the squid user to gain persistence by changing the binary.
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| SUSE | SUSE Linux Enterprise Server 15 | squid <= 4.8-5.8.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:16.840Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { name: "openSUSE-SU-2019:2540", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { name: "openSUSE-SU-2019:2541", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { name: "openSUSE-SU-2019:2672", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "SUSE Linux Enterprise Server 15", vendor: "SUSE", versions: [ { lessThanOrEqual: "4.8-5.8.1", status: "affected", version: "squid", versionType: "custom", }, ], }, { product: "SUSE Linux Enterprise Server 12", vendor: "SUSE", versions: [ { lessThanOrEqual: "3.5.21-26.17.1", status: "affected", version: "squid", versionType: "custom", }, ], }, ], datePublic: "2018-05-15T00:00:00", descriptions: [ { lang: "en", value: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-276", description: "CWE-276 Incorrect Default Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-11T15:06:12", orgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", shortName: "suse", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { name: "openSUSE-SU-2019:2540", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { name: "openSUSE-SU-2019:2541", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { name: "openSUSE-SU-2019:2672", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, ], source: { advisory: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", defect: [ "1093414", ], discovery: "UNKNOWN", }, title: "squid: /usr/sbin/pinger packaged with wrong permission", x_generator: { engine: "Vulnogram 0.0.8", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@suse.com", DATE_PUBLIC: "2018-05-15T00:00:00.000Z", ID: "CVE-2019-3688", STATE: "PUBLIC", TITLE: "squid: /usr/sbin/pinger packaged with wrong permission", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SUSE Linux Enterprise Server 15", version: { version_data: [ { version_affected: "<=", version_name: "squid", 
version_value: "4.8-5.8.1", }, ], }, }, { product_name: "SUSE Linux Enterprise Server 12", version: { version_data: [ { version_affected: "<=", version_name: "squid", version_value: "3.5.21-26.17.1", }, ], }, }, ], }, vendor_name: "SUSE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", }, ], }, generator: { engine: "Vulnogram 0.0.8", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-276 Incorrect Default Permissions", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", refsource: "CONFIRM", url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { name: "openSUSE-SU-2019:2540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { name: "openSUSE-SU-2019:2541", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { name: "openSUSE-SU-2019:2672", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, ], }, source: { advisory: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", defect: [ "1093414", ], discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: 
"404e59f5-483d-4b8a-8e7a-e67604dd8afb", assignerShortName: "suse", cveId: "CVE-2019-3688", datePublished: "2019-10-07T14:00:39.441891Z", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-09-16T23:01:09.236Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp1:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"4BF3B54D-9CE7-44A3-89FB-7747FADBD361\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"0F45BC40-F836-447D-A5B3-8A7FCF64A82E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:ltss:*:*:*\", \"matchCriteriaId\": \"DC4D0498-D6FB-4A73-B053-895AC60A4DEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:15:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"873082AA-2F7B-44C8-89D2-4DD48673BAE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:suse_linux_enterprise_server:15:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7642C831-6063-4405-A352-431CE374458A\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary\"}, {\"lang\": \"es\", \"value\": \"El binario /usr/sbin/pinger empaquetado con squid en SUSE Linux Enterprise Server 15 anterior e incluyendo la versi\\u00f3n 4.8-5.8.1 y en SUSE Linux Enterprise Server 12 anterior e incluyendo la versi\\u00f3n 3.5.21-26.17.1, presenta squid:root, permisos 0750 . 
Esto permiti\\u00f3 a un atacante que compromet\\u00eda al usuario squid conseguir persistencia al cambiar el binario.\"}]", id: "CVE-2019-3688", lastModified: "2024-11-21T04:42:20.127", metrics: "{\"cvssMetricV31\": [{\"source\": \"meissner@suse.de\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.5, \"impactScore\": 2.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.2}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:C/A:C\", \"baseScore\": 6.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 9.2, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2019-10-07T14:15:11.977", references: "[{\"url\": 
\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html\", \"source\": \"meissner@suse.de\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html\", \"source\": \"meissner@suse.de\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html\", \"source\": \"meissner@suse.de\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1093414\", \"source\": \"meissner@suse.de\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1093414\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}]", sourceIdentifier: "meissner@suse.de", vulnStatus: "Modified", weaknesses: "[{\"source\": \"meissner@suse.de\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-276\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-276\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2019-3688\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2019-10-07T14:15:11.977\",\"lastModified\":\"2024-11-21T04:42:20.127\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary\"},{\"lang\":\"es\",\"value\":\"El binario /usr/sbin/pinger empaquetado con squid en SUSE Linux Enterprise Server 15 anterior e incluyendo la versión 4.8-5.8.1 y en SUSE Linux Enterprise Server 12 anterior e incluyendo la versión 3.5.21-26.17.1, presenta squid:root, permisos 0750 . Esto permitió a un atacante que comprometía al usuario squid conseguir persistencia al cambiar el binario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.5,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:C/A:C\",\"baseScore\":6.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":9.2,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege
\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-276\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-276\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp1:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"4BF3B54D-9CE7-44A3-89FB-7747FADBD361\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"0F45BC40-F836-447D-A5B3-8A7FCF64A82E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"DC4D0498-D6FB-4A73-B053-895AC60A4DEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:15:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"873082AA-2F7B-44C8-89D2-4DD48673BAE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:suse_linux_enterprise_server:15:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7642C831-6063-4405-A352-431CE374458A\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html\",\"source\":\"meissner@suse.de\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html\",\"source\":\"meissner@suse.de\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html\",\"source\":\"meissner@suse.de\"},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1093414\",\"source\":\"meissner@suse.de\",\"tags\":[\"Issue Tracking\",\"Vendor 
Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1093414\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}", }, }
opensuse-su-2024:11165-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
chkstat-1550_20210901-29.2 on GA media
Notes
Title of the patch
chkstat-1550_20210901-29.2 on GA media
Description of the patch
These are all security issues fixed in the chkstat-1550_20210901-29.2 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11165
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "chkstat-1550_20210901-29.2 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the chkstat-1550_20210901-29.2 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-11165", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11165-1.json", }, { category: "self", summary: "SUSE CVE CVE-2019-3687 page", url: "https://www.suse.com/security/cve/CVE-2019-3687/", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, { category: "self", summary: "SUSE CVE CVE-2020-8013 page", url: "https://www.suse.com/security/cve/CVE-2020-8013/", }, ], title: "chkstat-1550_20210901-29.2 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: 
"cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:11165-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "chkstat-1550_20210901-29.2.aarch64", product: { name: "chkstat-1550_20210901-29.2.aarch64", product_id: "chkstat-1550_20210901-29.2.aarch64", }, }, { category: "product_version", name: "permissions-1550_20210901.1550-29.2.aarch64", product: { name: "permissions-1550_20210901.1550-29.2.aarch64", product_id: "permissions-1550_20210901.1550-29.2.aarch64", }, }, { category: "product_version", name: "permissions-config-1550_20210901-29.2.aarch64", product: { name: "permissions-config-1550_20210901-29.2.aarch64", product_id: "permissions-config-1550_20210901-29.2.aarch64", }, }, { category: "product_version", name: "permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", product: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", product_id: "permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "chkstat-1550_20210901-29.2.ppc64le", product: { name: "chkstat-1550_20210901-29.2.ppc64le", product_id: "chkstat-1550_20210901-29.2.ppc64le", }, }, { category: "product_version", name: "permissions-1550_20210901.1550-29.2.ppc64le", product: { name: "permissions-1550_20210901.1550-29.2.ppc64le", product_id: "permissions-1550_20210901.1550-29.2.ppc64le", }, }, { category: "product_version", name: "permissions-config-1550_20210901-29.2.ppc64le", product: { name: "permissions-config-1550_20210901-29.2.ppc64le", product_id: "permissions-config-1550_20210901-29.2.ppc64le", }, }, { category: "product_version", name: "permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", product: { name: 
"permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", product_id: "permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "chkstat-1550_20210901-29.2.s390x", product: { name: "chkstat-1550_20210901-29.2.s390x", product_id: "chkstat-1550_20210901-29.2.s390x", }, }, { category: "product_version", name: "permissions-1550_20210901.1550-29.2.s390x", product: { name: "permissions-1550_20210901.1550-29.2.s390x", product_id: "permissions-1550_20210901.1550-29.2.s390x", }, }, { category: "product_version", name: "permissions-config-1550_20210901-29.2.s390x", product: { name: "permissions-config-1550_20210901-29.2.s390x", product_id: "permissions-config-1550_20210901-29.2.s390x", }, }, { category: "product_version", name: "permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", product: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", product_id: "permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "chkstat-1550_20210901-29.2.x86_64", product: { name: "chkstat-1550_20210901-29.2.x86_64", product_id: "chkstat-1550_20210901-29.2.x86_64", }, }, { category: "product_version", name: "permissions-1550_20210901.1550-29.2.x86_64", product: { name: "permissions-1550_20210901.1550-29.2.x86_64", product_id: "permissions-1550_20210901.1550-29.2.x86_64", }, }, { category: "product_version", name: "permissions-config-1550_20210901-29.2.x86_64", product: { name: "permissions-config-1550_20210901-29.2.x86_64", product_id: "permissions-config-1550_20210901-29.2.x86_64", }, }, { category: "product_version", name: "permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", product: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", product_id: "permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", }, }, ], category: "architecture", name: 
"x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "chkstat-1550_20210901-29.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", }, product_reference: "chkstat-1550_20210901-29.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "chkstat-1550_20210901-29.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", }, product_reference: "chkstat-1550_20210901-29.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "chkstat-1550_20210901-29.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", }, product_reference: "chkstat-1550_20210901-29.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "chkstat-1550_20210901-29.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", }, product_reference: "chkstat-1550_20210901-29.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-1550_20210901.1550-29.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", }, product_reference: "permissions-1550_20210901.1550-29.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { 
category: "default_component_of", full_product_name: { name: "permissions-1550_20210901.1550-29.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", }, product_reference: "permissions-1550_20210901.1550-29.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-1550_20210901.1550-29.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", }, product_reference: "permissions-1550_20210901.1550-29.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-1550_20210901.1550-29.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", }, product_reference: "permissions-1550_20210901.1550-29.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-config-1550_20210901-29.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", }, product_reference: "permissions-config-1550_20210901-29.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-config-1550_20210901-29.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", }, product_reference: "permissions-config-1550_20210901-29.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-config-1550_20210901-29.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", }, product_reference: 
"permissions-config-1550_20210901-29.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-config-1550_20210901-29.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", }, product_reference: "permissions-config-1550_20210901-29.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", }, product_reference: "permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", }, product_reference: "permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", }, product_reference: "permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", }, product_reference: "permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, 
vulnerabilities: [ { cve: "CVE-2019-3687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3687", }, ], notes: [ { category: "general", text: "The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the \"easy\" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3687", url: "https://www.suse.com/security/cve/CVE-2019-3687", }, { category: "external", summary: "SUSE Bug 1148788 for CVE-2019-3687", url: "https://bugzilla.suse.com/1148788", }, { category: "external", summary: "SUSE Bug 1180102 for CVE-2019-3687", url: 
"https://bugzilla.suse.com/1180102", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE 
Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3687", }, { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE 
Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE 
Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { 
category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE 
Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2019-3690", }, { cve: "CVE-2020-8013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8013", }, ], notes: [ { category: "general", text: "A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. 
The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8013", url: "https://www.suse.com/security/cve/CVE-2020-8013", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2020-8013", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE 
Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.s390x", "openSUSE Tumbleweed:chkstat-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-1550_20210901.1550-29.2.x86_64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.aarch64", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.ppc64le", "openSUSE Tumbleweed:permissions-config-1550_20210901-29.2.s390x", "openSUSE 
Tumbleweed:permissions-config-1550_20210901-29.2.x86_64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.aarch64", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.ppc64le", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.s390x", "openSUSE Tumbleweed:permissions-zypp-plugin-1550_20210901.1550-29.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2020-8013", }, ], }
opensuse-su-2019:2541-1
Vulnerability from csaf_opensuse
Published
2019-11-21 13:26
Modified
2019-11-21 13:26
Summary
Security update for squid
Notes
Title of the patch
Security update for squid
Description of the patch
This update for squid to version 4.9 fixes the following issues:
Security issues fixed:
- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).
- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).
- CVE-2019-12523, CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).
- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).
- CVE-2019-18678: Fixed incorrect message parsing which could have led to an HTTP request splitting issue (bsc#1156323).
- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).
Other issues addressed:
* Fixed DNS failures when a peer name was configured with any upper-case characters
* Fixed several rock cache_dir corruption issues
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-2541
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for squid", title: "Title of the patch", }, { category: "description", text: "This update for squid to version 4.9 fixes the following issues:\n\nSecurity issues fixed: \n\n- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).\n- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).\n- CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).\n- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).\n- CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323).\n- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).\n\nOther issues addressed:\n\n * Fixed DNS failures when peer name was configured with any upper case characters\n * Fixed several rock cache_dir corruption issues\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-2541", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: 
"self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2541-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:2541-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2PLGSQEPKZX62EREA7UHDNEMHR3Z23A6/#2PLGSQEPKZX62EREA7UHDNEMHR3Z23A6", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:2541-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2PLGSQEPKZX62EREA7UHDNEMHR3Z23A6/#2PLGSQEPKZX62EREA7UHDNEMHR3Z23A6", }, { category: "self", summary: "SUSE Bug 1133089", url: "https://bugzilla.suse.com/1133089", }, { category: "self", summary: "SUSE Bug 1140738", url: "https://bugzilla.suse.com/1140738", }, { category: "self", summary: "SUSE Bug 1141329", url: "https://bugzilla.suse.com/1141329", }, { category: "self", summary: "SUSE Bug 1141330", url: "https://bugzilla.suse.com/1141330", }, { category: "self", summary: "SUSE Bug 1141332", url: "https://bugzilla.suse.com/1141332", }, { category: "self", summary: "SUSE Bug 1141442", url: "https://bugzilla.suse.com/1141442", }, { category: "self", summary: "SUSE Bug 1156323", url: "https://bugzilla.suse.com/1156323", }, { category: "self", summary: "SUSE Bug 1156324", url: "https://bugzilla.suse.com/1156324", }, { category: "self", summary: "SUSE Bug 1156326", url: "https://bugzilla.suse.com/1156326", }, { category: "self", summary: "SUSE Bug 1156328", url: "https://bugzilla.suse.com/1156328", }, { category: "self", summary: "SUSE Bug 1156329", url: "https://bugzilla.suse.com/1156329", }, { category: "self", summary: "SUSE CVE CVE-2019-12523 page", url: "https://www.suse.com/security/cve/CVE-2019-12523/", }, { category: "self", summary: "SUSE CVE CVE-2019-12525 page", url: "https://www.suse.com/security/cve/CVE-2019-12525/", }, { category: "self", summary: "SUSE CVE CVE-2019-12526 page", url: "https://www.suse.com/security/cve/CVE-2019-12526/", }, { 
category: "self", summary: "SUSE CVE CVE-2019-12527 page", url: "https://www.suse.com/security/cve/CVE-2019-12527/", }, { category: "self", summary: "SUSE CVE CVE-2019-12529 page", url: "https://www.suse.com/security/cve/CVE-2019-12529/", }, { category: "self", summary: "SUSE CVE CVE-2019-12854 page", url: "https://www.suse.com/security/cve/CVE-2019-12854/", }, { category: "self", summary: "SUSE CVE CVE-2019-13345 page", url: "https://www.suse.com/security/cve/CVE-2019-13345/", }, { category: "self", summary: "SUSE CVE CVE-2019-18676 page", url: "https://www.suse.com/security/cve/CVE-2019-18676/", }, { category: "self", summary: "SUSE CVE CVE-2019-18677 page", url: "https://www.suse.com/security/cve/CVE-2019-18677/", }, { category: "self", summary: "SUSE CVE CVE-2019-18678 page", url: "https://www.suse.com/security/cve/CVE-2019-18678/", }, { category: "self", summary: "SUSE CVE CVE-2019-18679 page", url: "https://www.suse.com/security/cve/CVE-2019-18679/", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, ], title: "Security update for squid", tracking: { current_release_date: "2019-11-21T13:26:12Z", generator: { date: "2019-11-21T13:26:12Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:2541-1", initial_release_date: "2019-11-21T13:26:12Z", revision_history: [ { date: "2019-11-21T13:26:12Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "squid-4.9-lp151.2.7.1.x86_64", product: { name: "squid-4.9-lp151.2.7.1.x86_64", product_id: "squid-4.9-lp151.2.7.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: 
"cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "squid-4.9-lp151.2.7.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", }, product_reference: "squid-4.9-lp151.2.7.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2019-12523", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12523", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12523", url: "https://www.suse.com/security/cve/CVE-2019-12523", }, { category: "external", summary: "SUSE Bug 1156329 for CVE-2019-12523", url: "https://bugzilla.suse.com/1156329", }, { category: "external", summary: "SUSE Bug 1165586 for CVE-2019-12523", url: "https://bugzilla.suse.com/1165586", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: 
[ { category: "impact", date: "2019-11-21T13:26:12Z", details: "important", }, ], title: "CVE-2019-12523", }, { cve: "CVE-2019-12525", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12525", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12525", url: "https://www.suse.com/security/cve/CVE-2019-12525", }, { category: "external", summary: "SUSE Bug 1141332 for CVE-2019-12525", url: "https://bugzilla.suse.com/1141332", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "important", }, ], title: "CVE-2019-12525", }, { cve: "CVE-2019-12526", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12526", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid before 4.9. 
URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12526", url: "https://www.suse.com/security/cve/CVE-2019-12526", }, { category: "external", summary: "SUSE Bug 1156326 for CVE-2019-12526", url: "https://bugzilla.suse.com/1156326", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "important", }, ], title: "CVE-2019-12526", }, { cve: "CVE-2019-12527", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12527", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. 
Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12527", url: "https://www.suse.com/security/cve/CVE-2019-12527", }, { category: "external", summary: "SUSE Bug 1141330 for CVE-2019-12527", url: "https://bugzilla.suse.com/1141330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "critical", }, ], title: "CVE-2019-12527", }, { cve: "CVE-2019-12529", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12529", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. 
An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12529", url: "https://www.suse.com/security/cve/CVE-2019-12529", }, { category: "external", summary: "SUSE Bug 1141329 for CVE-2019-12529", url: "https://bugzilla.suse.com/1141329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "moderate", }, ], title: "CVE-2019-12529", }, { cve: "CVE-2019-12854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12854", }, ], notes: [ { category: "general", text: "Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. 
On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12854", url: "https://www.suse.com/security/cve/CVE-2019-12854", }, { category: "external", summary: "SUSE Bug 1141442 for CVE-2019-12854", url: "https://bugzilla.suse.com/1141442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "moderate", }, ], title: "CVE-2019-12854", }, { cve: "CVE-2019-13345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13345", }, ], notes: [ { category: "general", text: "The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13345", url: "https://www.suse.com/security/cve/CVE-2019-13345", }, { category: "external", summary: "SUSE Bug 1140738 for CVE-2019-13345", url: "https://bugzilla.suse.com/1140738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 
15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "moderate", }, ], title: "CVE-2019-13345", }, { cve: "CVE-2019-18676", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18676", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18676", url: "https://www.suse.com/security/cve/CVE-2019-18676", }, { category: "external", summary: "SUSE Bug 1156329 for CVE-2019-18676", url: "https://bugzilla.suse.com/1156329", }, { category: "external", summary: "SUSE Bug 1165586 for CVE-2019-18676", url: "https://bugzilla.suse.com/1165586", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "important", }, ], title: 
"CVE-2019-18676", }, { cve: "CVE-2019-18677", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18677", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18677", url: "https://www.suse.com/security/cve/CVE-2019-18677", }, { category: "external", summary: "SUSE Bug 1156328 for CVE-2019-18677", url: "https://bugzilla.suse.com/1156328", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "important", }, ], title: "CVE-2019-18677", }, { cve: "CVE-2019-18678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18678", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. 
Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18678", url: "https://www.suse.com/security/cve/CVE-2019-18678", }, { category: "external", summary: "SUSE Bug 1156323 for CVE-2019-18678", url: "https://bugzilla.suse.com/1156323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "moderate", }, ], title: "CVE-2019-18678", }, { cve: "CVE-2019-18679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18679", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. 
This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18679", url: "https://www.suse.com/security/cve/CVE-2019-18679", }, { category: "external", summary: "SUSE Bug 1156324 for CVE-2019-18679", url: "https://bugzilla.suse.com/1156324", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "moderate", }, ], title: "CVE-2019-18679", }, { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.1:squid-4.9-lp151.2.7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:26:12Z", details: "moderate", }, ], title: "CVE-2019-3688", }, ], }
opensuse-su-2019:2672-1
Vulnerability from csaf_opensuse
Published
2019-12-11 09:15
Modified
2019-12-11 09:15
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid
which could have allowed a squid user to gain persistence by changing the
binary (bsc#1093414).
- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic
links (bsc#1150734).
- Fixed a regression which caused a segmentation fault (bsc#1157198).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2019-2672
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\n- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid\n which could have allowed a squid user to gain persistence by changing the \n binary (bsc#1093414).\n- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic \n links (bsc#1150734).\n- Fixed a regression which caused sagmentation fault (bsc#1157198).\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-2672", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2672-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:2672-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RG7IYFDNSRBUQ54SPQV4SRC2ACYCQLTV/#RG7IYFDNSRBUQ54SPQV4SRC2ACYCQLTV", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:2672-1", url: 
"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RG7IYFDNSRBUQ54SPQV4SRC2ACYCQLTV/#RG7IYFDNSRBUQ54SPQV4SRC2ACYCQLTV", }, { category: "self", summary: "SUSE Bug 1093414", url: "https://bugzilla.suse.com/1093414", }, { category: "self", summary: "SUSE Bug 1150734", url: "https://bugzilla.suse.com/1150734", }, { category: "self", summary: "SUSE Bug 1157198", url: "https://bugzilla.suse.com/1157198", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2019-12-11T09:15:11Z", generator: { date: "2019-12-11T09:15:11Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:2672-1", initial_release_date: "2019-12-11T09:15:11Z", revision_history: [ { date: "2019-12-11T09:15:11Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-20181116-lp151.4.9.1.i586", product: { name: "permissions-20181116-lp151.4.9.1.i586", product_id: "permissions-20181116-lp151.4.9.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", product: { name: "permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", product_id: "permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "permissions-20181116-lp151.4.9.1.x86_64", product: { name: "permissions-20181116-lp151.4.9.1.x86_64", product_id: "permissions-20181116-lp151.4.9.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { 
category: "product_name", name: "openSUSE Leap 15.1", product: { name: "openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "permissions-20181116-lp151.4.9.1.i586 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", }, product_reference: "permissions-20181116-lp151.4.9.1.i586", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "permissions-20181116-lp151.4.9.1.x86_64 as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", }, product_reference: "permissions-20181116-lp151.4.9.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.1", }, { category: "default_component_of", full_product_name: { name: "permissions-zypp-plugin-20181116-lp151.4.9.1.noarch as component of openSUSE Leap 15.1", product_id: "openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", }, product_reference: "permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", relates_to_product_reference: "openSUSE Leap 15.1", }, ], }, vulnerabilities: [ { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", "openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", "openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", "openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2019-12-11T09:15:11Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). 
This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", "openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", "openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.i586", "openSUSE Leap 15.1:permissions-20181116-lp151.4.9.1.x86_64", 
"openSUSE Leap 15.1:permissions-zypp-plugin-20181116-lp151.4.9.1.noarch", ], }, ], threats: [ { category: "impact", date: "2019-12-11T09:15:11Z", details: "moderate", }, ], title: "CVE-2019-3690", }, ], }
opensuse-su-2021:1520-1
Vulnerability from csaf_opensuse
Published
2021-12-02 15:06
Modified
2021-12-02 15:06
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
Update to version 20200127:
* Makefile: Leap 15.3 still uses /etc, so adjust the installation setup
Update to version 20181225:
* mgetty: faxq-helper now finally resides in /usr/libexec
* libksysguard5: Updated path for ksgrd_network_helper
* kdesu: Updated path for kdesud
* sbin_dirs cleanup: these binaries have already been moved to /usr/sbin
* mariadb: revert auth_pam_tool to /usr/lib{,64} again
* cleanup: revert virtualbox back to plain /usr/lib
* cleanup: remove deprecated /etc/ssh/sshd_config
* hawk_invoke is not part of newer hawk2 packages anymore
* cleanup: texlive-filesystem: public now resides in libexec
* cleanup: authbind: helper now resides in libexec
* cleanup: polkit: the agent now also resides in libexec
* libexec cleanup: 'inn' news binaries now reside in libexec
* whitelist please (boo#1183669)
* Fix enlightenment paths
* usbauth: drop compatibility variable for libexec
* usbauth: Updated path for usbauth-npriv
* profiles: finish usage of variable for polkit-agent-helper-1
* Makefile: fix custom flags support when using make command line variables
* added information about known limitations of this approach
* Makefile: compile with LFO support to fix 32-bit emulation on 64-bit hosts (boo#1178476)
* Makefile: support CXXFLAGS and LDFLAGS override / extension via make/env variables (boo#1178475)
* profiles: prepare /usr/sbin versions of profile entries (boo#1029961)
* profiles: use new variables feature to remove redundant entries
* profiles: remove now superfluous squid pinger paths (boo#1171569)
* tests: implement basic tests for the new variable feature
* tests: avoid redundant specification of test names by using class names
* regtests: split up base types and actual test implementation
* man pages: add documentation about variables, update copyrights
* chkstat: implement support for variables in profile paths
* chkstat: prepare reuse of config file locations
* chkstat: fix some typos and whitespace
* etc/permissions: remove unnecessary, duplicate, outdated entries
* etc/permissions: remove trailing whitespace
* ksgrd_network_helper: remove obviously wrong path
* adjust squid pinger path (boo#1171569)
* mgetty: remove long dead (or never existing) locks directory (boo#1171882)
* squid: remove basic_pam_auth which doesn't need special perms (boo#1171569)
* cleanup now useless /usr/lib entries after move to /usr/libexec (boo#1171164)
* drop (f)ping capabilities in favor of ICMP_PROTO sockets (boo#1174504)
* whitelist Xorg setuid-root wrapper (boo#1175867)
* screen: remove /run/uscreens covered by systemd-tmpfiles (boo#1171879)
* Add /usr/libexec for cockpit-session as new path
* physlock: whitelist with tight restrictions (boo#1175720)
* mtr-packet: stop requiring dialout group
* etc/permissions: fix mtr permission
* list_permissions: improve output format
* list_permissions: support globbing in --path argument
* list_permissions: implement simplifications suggested in PR#92
* list_permissions: new tool for better path configuration overview
* regtest: support new getcap output format in libcap-2.42
* regtest: print individual test case errors to stderr
* etc/permissions: remove static /var/spool/* dirs
* etc/permissions: remove outdated entries
* etc/permissions: remove unnecessary static dirs and devices
* screen: remove now unused /var/run/uscreens
* Revert 'etc/permissions: remove entries for bind-chrootenv'
* rework permissions.local text (boo#1173221)
* dbus-1: adjust to new libexec dir location (boo#1171164)
* permission profiles: reinstate kdesud for kde5
* etc/permissions: remove entries for bind-chrootenv
* etc/permissions: remove traceroute entry
* VirtualBox: remove outdated entry which is only a symlink any more
* /bin/su: remove path referring to symlink
* etc/permissions: remove legacy RPM directory entries
* /etc/permissions: remove outdated sudo directories
* singularity: remove outdated setuid-binary entries
* chromium: remove now unneeded chrome_sandbox entry (boo#1163588)
* dbus-1: remove deprecated alternative paths
* PolicyKit: remove outdated entries last used in SLE-11
* pcp: remove no longer needed / conflicting entries
* gnats: remove entries for package removed from Factory
* kdelibs4: remove entries for package removed from Factory
* v4l-base: remove entries for package removed from Factory
* mailman: remove entries for package deleted from Factory
* gnome-pty-helper: remove dead entry no longer part of the vte package
* gnokii: remove entries for package no longer in Factory
* xawtv (v4l-conf): correct group ownership in easy profile
* systemd-journal: remove unnecessary profile entries
* thttp: make makeweb entry usable in the secure profile (boo#1171580)
* profiles: add entries for enlightenment (boo#1171686)
* permissions fixed profile: utempter: reinstate libexec compatibility entry
* chkstat: fix sign conversion warnings on non 32-bit architectures
* chkstat: allow simultaneous use of `--set` and `--system`
* regtest: adjust TestUnkownOwnership test to new warning output behaviour
* whitelist texlive public binary (boo#1171686)
* fixed permissions: adjust to new libexec dir location (boo#1171164)
* chkstat: don't print warning about unknown user/group by default
* Makefile: link with --as-needed, move libs to the end of the command line
* setuid bit for cockpit (boo#1169614)
* Fix paranoid mode for newgidmap and newuidmap (boo#1171173)
* chkstat: collectProfilePaths(): use directory_iterator to simplify code
* chkstat: collectProfilePaths(): prefer /usr over /etc
* regtest: add relative symlink corner case to TestSymlinkBehaviour
* Chkstat::parseProfile(): avoid use of raw pointer
* parseSysconfig(): only emit warning if value is non-empty
* incorporate a bunch of PR #56 review comments
* regtest: add test for correct ownership change
* chkstat: final pass over refactored code
* chkstat: finish refactoring of safeOpen()
* chkstat: improve/fix output of mismatches
* chkstat: support numerical owner/group specification in profiles
* chkstat: safeOpen: simplify path handling by using a std::string
* chkstat regtest: support debug build
* chkstat: start refactoring of safe_open() -> safeOpen()
* chkstat: processEntries: pull out change logic into applyChanges()
* chkstat: processEntries: pull out safety check logic
* chkstat: processEntries: separate printing code and simplify ownership flags
* chkstat: processEntries: also add file_status and *_ok flags to EntryContext
* chkstat: processEntries: also add caps to EntryContext
* chkstat: also move fd_path into EntryContext
* chkstat: processEntries(): introduce EntryContext data structure
* chkstat: introduce class type to deal with capabilities
* chkstat: overhaul of the main entry processing loop
* chkstat: smaller cleanup of Chkstat::run()
* chkstat: remove last global variables `root` and `rootl`
* chkstat: refactor parsing of permission profiles
* chkstat: replace global `permlist` by STL map
* chkstat: remove now obsolete usage() function
* chkstat: refactor collection of permission files
* regtest: support --after-test-enter-shell
* chkstat: change global euid variable into const class member
* chkstat: replace global level, nlevel by a vector data structure
* chkstat: refactor check_fscaps_enabled()
* chkstat: refactor parse_sysconfig as a member function Chkstat::parseSysconfig
* chkstat: introduce separate processArguments() and refactor --files logic
* chkstat: replace C style checklist by std::set
* chkstat: refactor command line parsing
* allow /usr/libexec in addition to /usr/lib (boo#1171164)
* whitelist s390-tools setgid bit on log directory (boo#1167163)
* whitelist WMP (boo#1161335)
* regtest: improve readability of path variables by using literals
* regtest: adjust test suite to new path locations in /usr/share/permissions
* regtest: only catch explicit FileNotFoundError
* regtest: provide valid home directory in /root
* regtest: mount permissions src repository in /usr/src/permissions
* regtest: move initialization of TestBase paths into the prepare() function
* chkstat: support new --config-root command line option
* fix spelling of icingacmd group
* chkstat: fix readline() on platforms with unsigned char
* remove capability whitelisting for radosgw
* whitelist ceph log directory (boo#1150366)
* adjust testsuite to post CVE-2020-8013 link handling
* testsuite: add option to not mount /proc
* do not follow symlinks that are the final path element: CVE-2020-8013
* add a test for symlinked directories
* fix relative symlink handling
* include cpp compat headers, not C headers
* Move permissions and permissions.* except .local to /usr/share/permissions
* regtest: fix the static PATH list which was missing /usr/bin
* regtest: also unshare the PID namespace to support /proc mounting
* regtest: bindMount(): explicitly reject read-only recursive mounts
* Makefile: force remove upon clean target to prevent bogus errors
* regtest: by default automatically (re)build chkstat before testing
* regtest: add test for symlink targets
* regtest: make capability setting tests optional
* regtest: fix capability assertion helper logic
* regtests: add another test case that catches set*id or caps in world-writable sub-trees
* regtest: add another test that catches when privilege bits are set for special files
* regtest: add test case for user owned symlinks
* regtest: employ subuid and subgid feature in user namespace
* regtest: add another test case that covers unknown user/group config
* regtest: add another test that checks rejection of insecure mixed-owner paths
* regtest: add test that checks for rejection of world-writable paths
* regtest: add test for detection of unexpected parent directory ownership
* regtest: add further helper functions, allow access to main instance
* regtest: introduce some basic coloring support to improve readability
* regtest: sort imports, another piece of rationale
* regtest: add capability test case
* regtest: improve error flagging of test cases and introduce warnings
* regtest: support caps
* regtest: add a couple of command line parameter test cases
* regtest: add another test that checks whether the default profile works
* regtests: add tests for correct application of local profiles
* regtest: add further test cases that test correct profile application
* regtest: simplify test implementation and readability
* regtest: add helpers for permissions.d per package profiles
* regtest: support read-only bind mounts, also bind-mount permissions repo
* tests: introduce a regression test suite for chkstat
* Makefile: allow to build test version programmatically
* README.md: add basic readme file that explains the repository's purpose
* chkstat: change and harmonize coding style
* chkstat: switch to C++ compilation unit
* remove obsolete/broken entries for rcp/rsh/rlogin
* chkstat: handle symlinks in final path elements correctly
* Revert 'Revert 'mariadb: settings for new auth_pam_tool (boo#1160285)''
* Revert 'mariadb: settings for new auth_pam_tool (boo#1160285)'
* mariadb: settings for new auth_pam_tool (boo#1160285)
* add read-only fallback when /proc is not mounted (boo#1160764)
* capability handling fixes (boo#1161779)
* better error message when refusing to fix dir perms (#32)
* fix paths of ksysguard whitelisting
* fix zero-termination of error message for overly long paths
* fix misleading indentation
* fix changing of capabilities
* fix warning text for unlisted files
* fix error message with insecure sym links
* remove useless if around realloc()
* fix invalid free() when permfiles points to argv
* use path-based operations with /proc/self/fd/X to avoid errors due to O_PATH
* add .gitignore for chkstat binary
* add/fix compiler warnings, free memory at exit
* only open regular files/directories without O_PATH, fix stat buffer initialization
* update
* rewrite while protecting against symlinks and races
* fix whitespace
* faxq-helper: correct 'secure' permission for trusted group (boo#1157498)
* whitelist ksysguard network helper (boo#1151190)
* fix syntax of paranoid profile
* fix squid permissions (boo#1093414, CVE-2019-3688)
* setgid bit for nagios directory (boo#1028975, boo#1150345)
* global: removal of unneeded SuSEconfig file and directory
* global: restructure repository layout
* dumpcap: remove 'other' executable bit because of capabilities (boo#1148788, CVE-2019-3687)
* add one more missing slash for icinga2
* fix more missing slashes for directories
* cron directory permissions: add slashes
* iputils: Add capability permissions for clockdiff
* iputils/ping: Drop effective capability
* iputils/ping6: Remove definitions
* singularity: Add starter-suid for version 3.2.0
* removed entry for /var/cache/man. Conflicts with packaging and man:man is the better setting anyway (boo#1133678)
* fixed error in description of permissions.paranoid. Make it clear that this is not a usable profile, but intended as a base for own developments
* Misleading comment fix
* removed old entry for wodim
* removed old entry for netatalk
* removed old entry for suidperl
* removed old entry for utempter
* removed old entry for hostname
* removed old directory entries
* removed old entry for qemu-bridge-helper
* removed old entries for pccardctl
* removed old entries for isdnctrl
* removed old entries for unix(2)_chkpwd
* removed old entries for mount.nfs
* removed old entries for (u)mount
* removed old entry for fileshareset
* removed old entries for KDE
* removed old entry for heartbeat
* removed old entry for gnome-control-center
* removed old entry for pcp
* removed old entry for lpdfilter
* removed old entry for scotty
* removed old entry for ia32el
* removed old entry for squid
* removed old qpopper whitelist
* removed pt_chown entries. Not needed anymore and a bad idea anyway
* removed old majordomo entry
* removed stale entries for old ncpfs tools
* removed old entry for rmtab
* Fixed typo in icinga2 whitelist entry
* New whitelisting for /usr/lib/virtualbox/VirtualBoxVM and removed stale entries for VirtualBox
* Removed whitelist for /usr/bin/su.core. According to the comment it was a temporary hack introduced in 2012 to help move su from coreutils to util-linux. I couldn't find it anywhere, so we don't need it anymore
* Remove entry for /usr/bin/yaps. We don't ship it anymore and the group that is used doesn't exist anymore starting with Leap 15, so it will not work there anyway. Users of this (old) package can configure this individually
* removed entry for /etc/ftpaccess. We currently don't have it anywhere (and judging from my search this has been the case for quite a while)
* Ensure consistency of entries, otherwise switching between settings becomes problematic
* Fix spelling of SUSE
* adjust settings for amanda to current binary layout
Patchnames
openSUSE-2021-1520
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\nUpdate to version 20200127:\n\n* Makefile: Leap 15.3 still uses /etc, so adjust the installation setup\n\nUpdate to version 20181225:\n\n* mgetty: faxq-helper now finally reside in /usr/libexec\n* libksysguard5: Updated path for ksgrd_network_helper\n* kdesu: Updated path for kdesud\n* sbin_dirs cleanup: these binaries have already been moved to /usr/sbin\n* mariadb: revert auth_pam_tool to /usr/lib{,64} again\n* cleanup: revert virtualbox back to plain /usr/lib\n* cleanup: remove deprecated /etc/ssh/sshd_config\n* hawk_invoke is not part of newer hawk2 packages anymore\n* cleanup: texlive-filesystem: public now resides in libexec\n* cleanup: authbind: helper now resides in libexec\n* cleanup: polkit: the agent now also resides in libexec\n* libexec cleanup: 'inn' news binaries now reside in libexec\n* whitelist please (boo#1183669)\n* Fix enlightenment paths\n* usbauth: drop compatibility variable for libexec\n* usbauth: Updated path for usbauth-npriv\n* profiles: finish usage of variable for polkit-agent-helper-1\n* Makefile: fix custom flags support when using make command line variables\n* added information about know limitations of this approach\n* Makefile: compile with LFO support to fix 32-bit emulation on 64-bit hosts (boo#1178476)\n* Makefile: support CXXFLAGS and LDFLAGS override / extension via make/env variables (boo#1178475)\n* profiles: prepare /usr/sbin versions of profile entries (boo#1029961)\n* profiles: use new variables feature to 
remove redundant entries\n* profiles: remove now superfluous squid pinger paths (boo#1171569)\n* tests: implement basic tests for new the new variable feature\n* tests: avoid redundant specification of test names by using class names\n* regtests: split up base types and actual test implementation\n* man pages: add documentation about variables, update copyrights\n* chkstat: implement support for variables in profile paths\n* chkstat: prepare reuse of config file locations\n* chkstat: fix some typos and whitespace\n* etc/permissions: remove unnecessary, duplicate, outdated entries\n* etc/permissions: remove trailing whitespace\n* ksgrd_network_helper: remove obviously wrong path\n* adjust squid pinger path (boo#1171569)\n* mgetty: remove long dead (or never existing) locks directory (boo#1171882)\n* squid: remove basic_pam_auth which doesn't need special perms (boo#1171569)\n* cleanup now useless /usr/lib entries after move to /usr/libexec (boo#1171164)\n* drop (f)ping capabilities in favor of ICMP_PROTO sockets (boo#1174504)\n* whitelist Xorg setuid-root wrapper (boo#1175867)\n* screen: remove /run/uscreens covered by systemd-tmpfiles (boo#1171879)\n* Add /usr/libexec for cockpit-session as new path\n* physlock: whitelist with tight restrictions (boo#1175720)\n* mtr-packet: stop requiring dialout group\n* etc/permissions: fix mtr permission\n* list_permissions: improve output format\n* list_permissions: support globbing in --path argument\n* list_permissions: implement simplifications suggested in PR#92\n* list_permissions: new tool for better path configuration overview\n* regtest: support new getcap output format in libcap-2.42\n* regtest: print individual test case errors to stderr\n* etc/permissions: remove static /var/spool/* dirs\n* etc/permissions: remove outdated entries\n* etc/permissions: remove unnecessary static dirs and devices\n* screen: remove now unused /var/run/uscreens\n* Revert 'etc/permissions: remove entries for bind-chrootenv'\n* rework 
permissions.local text (boo#1173221)\n* dbus-1: adjust to new libexec dir location (boo#1171164)\n* permission profiles: reinstate kdesud for kde5\n* etc/permissions: remove entries for bind-chrootenv\n* etc/permissions: remove traceroute entry\n* VirtualBox: remove outdated entry which is only a symlink any more\n* /bin/su: remove path refering to symlink\n* etc/permissions: remove legacy RPM directory entries\n* /etc/permissions: remove outdated sudo directories\n* singularity: remove outdated setuid-binary entries\n* chromium: remove now unneeded chrome_sandbox entry (boo#1163588)\n* dbus-1: remove deprecated alternative paths\n* PolicyKit: remove outdated entries last used in SLE-11\n* pcp: remove no longer needed / conflicting entries\n* gnats: remove entries for package removed from Factory\n* kdelibs4: remove entries for package removed from Factory\n* v4l-base: remove entries for package removed from Factory\n* mailman: remove entries for package deleted from Factory\n* gnome-pty-helper: remove dead entry no longer part of the vte package\n* gnokii: remove entries for package no longer in Factory\n* xawtv (v4l-conf): correct group ownership in easy profile\n* systemd-journal: remove unnecessary profile entries\n* thttp: make makeweb entry usable in the secure profile (boo#1171580)\n* profiles: add entries for enlightenment (boo#1171686)\n* permissions fixed profile: utempter: reinstate libexec compatibility entry\n* chkstat: fix sign conversion warnings on non 32-bit architectures\n* chkstat: allow simultaneous use of `--set` and `--system`\n* regtest: adjust TestUnkownOwnership test to new warning output behaviour\n* whitelist texlive public binary (boo#1171686)\n* fixed permissions: adjust to new libexec dir location (boo#1171164)\n* chkstat: don't print warning about unknown user/group by default\n* Makefile: link with --as-needed, move libs to the end of the command line\n* setuid bit for cockpit (boo#1169614)\n* Fix paranoid mode for newgidmap and 
newuidmap (boo#1171173)\n* chkstat: collectProfilePaths(): use directory_iterator to simplify code\n* chkstat: collectProfilePaths(): prefer /usr over /etc\n* regtest: add relative symlink corner case to TestSymlinkBehaviour\n* Chkstat::parseProfile(): avoid use of raw pointer\n* parseSysconfig(): only emmit warning if value is non-empty\n* incorporate a bunch of PR #56 review comments\n* regtest: add test for correct ownership change\n* chkstat: final pass over refactored code\n* chkstat: finish refactoring of safeOpen()\n* chkstat: improve/fix output of mismatches\n* chkstat: support numerical owner/group specification in profiles\n* chkstat: safeOpen: simplify path handling by using a std::string\n* chkstat regtest: support debug build\n* chkstat: start refactoring of safe_open() -> safeOpen()\n* chkstat: processEntries: pull out change logic into applyChanges()\n* chkstat: processEntries: pull out safety check logic\n* chkstat: processEntries: separate printing code and simplify ownership flags\n* chkstat: processEntries: also add file_status and *_ok flags to EntryContext\n* chkstat: processEntries: also add caps to EntryContext\n* chkstat: also move fd_path into EntryContext\n* chkstat: processEntries(): introduce EntryContext data structure\n* chkstat: introduce class type to deal with capabilities\n* chkstat: overhaul of the main entry processing loop\n* chkstat: smaller cleanup of Chkstat::run()\n* chkstat: remove last global variables `root` and `rootl`\n* chkstat: refactor parsing of permission profiles\n* chkstat: replace global `permlist` by STL map\n* chkstat: remove now obsolete usage() function\n* chkstat: refactor collection of permission files\n* regtest: support --after-test-enter-shell\n* chkstat: change global euid variable into const class member\n* chkstat: replace global level, nlevel by a vector data structure\n* chkstat: refactor check_fscaps_enabled()\n* chkstat: refactor parse_sysconfig as a member function Chkstat::parseSysconfig\n* 
chkstat: introduce separate processArguments() and refactor --files logic\n* chkstat: replace C style chkecklist by std::set\n* chkstat: refactor command line parsing\n* allow /usr/libexec in addition to /usr/lib (boo#1171164)\n* whitelist s390-tools setgid bit on log directory (boo#1167163)\n* whitelist WMP (boo#1161335)\n* regtest: improve readability of path variables by using literals\n* regtest: adjust test suite to new path locations in /usr/share/permissions\n* regtest: only catch explicit FileNotFoundError\n* regtest: provide valid home directory in /root\n* regtest: mount permissions src repository in /usr/src/permissions\n* regtest: move initialialization of TestBase paths into the prepare() function\n* chkstat: suppport new --config-root command line option\n* fix spelling of icingacmd group\n* chkstat: fix readline() on platforms with unsigned char\n* remove capability whitelisting for radosgw\n* whitelist ceph log directory (boo#1150366)\n* adjust testsuite to post CVE-2020-8013 link handling\n* testsuite: add option to not mount /proc\n* do not follow symlinks that are the final path element: CVE-2020-8013\n* add a test for symlinked directories\n* fix relative symlink handling\n* include cpp compat headers, not C headers\n* Move permissions and permissions.* except .local to /usr/share/permissions\n* regtest: fix the static PATH list which was missing /usr/bin\n* regtest: also unshare the PID namespace to support /proc mounting\n* regtest: bindMount(): explicitly reject read-only recursive mounts\n* Makefile: force remove upon clean target to prevent bogus errors\n* regtest: by default automatically (re)build chkstat before testing\n* regtest: add test for symlink targets\n* regtest: make capability setting tests optional\n* regtest: fix capability assertion helper logic\n* regtests: add another test case that catches set*id or caps in world-writable sub-trees\n* regtest: add another test that catches when privilege bits are set for special files\n* 
regtest: add test case for user owned symlinks\n* regtest: employ subuid and subgid feature in user namespace\n* regtest: add another test case that covers unknown user/group config\n* regtest: add another test that checks rejection of insecure mixed-owner paths\n* regtest: add test that checks for rejection of world-writable paths\n* regtest: add test for detection of unexpected parent directory ownership\n* regtest: add further helper functions, allow access to main instance\n* regtest: introduce some basic coloring support to improve readability\n* regtest: sort imports, another piece of rationale\n* regtest: add capability test case\n* regtest: improve error flagging of test cases and introduce warnings\n* regtest: support caps\n* regtest: add a couple of command line parameter test cases\n* regtest: add another test that checks whether the default profile works\n* regtests: add tests for correct application of local profiles\n* regtest: add further test cases that test correct profile application\n* regtest: simplify test implementation and readability\n* regtest: add helpers for permissions.d per package profiles\n* regtest: support read-only bind mounts, also bind-mount permissions repo\n* tests: introduce a regression test suite for chkstat\n* Makefile: allow to build test version programmatically\n* README.md: add basic readme file that explains the repository's purpose\n* chkstat: change and harmonize coding style\n* chkstat: switch to C++ compilation unit\n* remove obsolete/broken entries for rcp/rsh/rlogin\n* chkstat: handle symlinks in final path elements correctly\n* Revert 'Revert 'mariadb: settings for new auth_pam_tool (boo#1160285)''\n* Revert 'mariadb: settings for new auth_pam_tool (boo#1160285)'\n* mariadb: settings for new auth_pam_tool (boo#1160285)\n* add read-only fallback when /proc is not mounted (boo#1160764)\n* capability handling fixes (boo#1161779)\n* better error message when refusing to fix dir perms (#32)\n* fix paths of ksysguard 
whitelisting\n* fix zero-termination of error message for overly long paths\n* fix misleading indendation\n* fix changing of capabilities\n* fix warning text for unlisted files\n* fix error message with insecure sym links\n* remove useless if around realloc()\n* fix invalid free() when permfiles points to argv\n* use path-based operations with /proc/self/fd/X to avoid errors due to O_PATH\n* add .gitignore for chkstat binary\n* add/fix compiler warnings, free memory at exit\n* only open regular files/directories without O_PATH, fix stat buffer initialization\n* update\n* rewrite while protecting against symlinks and races\n* fix whitespace\n* faxq-helper: correct 'secure' permission for trusted group (boo#1157498)\n* whitelist ksysguard network helper (boo#1151190)\n* fix syntax of paranoid profile\n* fix squid permissions (boo#1093414, CVE-2019-3688)\n* setgid bit for nagios directory (boo#1028975, boo#1150345)\n* global: removal of unneeded SuSEconfig file and directory\n* global: restructure repository layout\n* dumpcap: remove 'other' executable bit because of capabilities (boo#1148788, CVE-2019-3687)\n* add one more missing slash for icinga2\n* fix more missing slashes for directories\n* cron directory permissions: add slashes\n* iputils: Add capability permissions for clockdiff\n* iputils/ping: Drop effective capability\n* iputils/ping6: Remove definitions\n* singluarity: Add starter-suid for version 3.2.0\n* removed entry for /var/cache/man. Conflicts with packaging and man:man is the better setting anyway (boo#1133678)\n* fixed error in description of permissions.paranoid. 
Make it clear that this is not a usable profile, but intended as a base for own developments\n* Misleading comment fix\n* removed old entry for wodim\n* removed old entry for netatalk\n* removed old entry for suidperl\n* removed old entriy for utempter\n* removed old entriy for hostname\n* removed old directory entries\n* removed old entry for qemu-bridge-helper\n* removed old entries for pccardctl\n* removed old entries for isdnctrl\n* removed old entries for unix(2)_chkpwd\n* removed old entries for mount.nfs\n* removed old entries for (u)mount\n* removed old entry for fileshareset\n* removed old entries for KDE\n* removed old entry for heartbeat\n* removed old entry for gnome-control-center\n* removed old entry for pcp\n* removed old entry for lpdfilter\n* removed old entry for scotty\n* removed old entry for ia32el\n* removed old entry for squid\n* removed old qpopper whitelist\n* removed pt_chown entries. Not needed anymore and a bad idea anyway\n* removed old majordomo entry\n* removed stale entries for old ncpfs tools\n* removed old entry for rmtab\n* Fixed type in icinga2 whitelist entry\n* New whitelisting for /usr/lib/virtualbox/VirtualBoxVM and removed stale entries for VirtualBox\n* Removed whitelist for /usr/bin/su.core. According to comment a temporary hack introduced 2012 to help moving su from coretuils to util-linux. I couldn't find it anywhere, so we don't need it anymore\n* Remove entry for /usr/bin/yaps. We don't ship it anymore and the group that is used doesn't exists anymore starting with Leap 15, so it will not work there anyway. Users using this (old) package can do this individually\n* removed entry for /etc/ftpaccess. 
We currently don't have it anywhere (and judging from my search this has been the case for quite a while)\n* Ensure consistency of entries, otherwise switching between settings becomes problematic\n* Fix spelling of SUSE\n* adjust settings for amanda to current binary layout\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2021-1520", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_1520-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2021:1520-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CDE67H3SKCA2N6SED6KU5T3MBX3UVI6N/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2021:1520-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CDE67H3SKCA2N6SED6KU5T3MBX3UVI6N/", }, { category: "self", summary: "SUSE Bug 1028975", url: "https://bugzilla.suse.com/1028975", }, { category: "self", summary: "SUSE Bug 1029961", url: "https://bugzilla.suse.com/1029961", }, { category: "self", summary: "SUSE Bug 1093414", url: "https://bugzilla.suse.com/1093414", }, { category: "self", summary: "SUSE Bug 1133678", url: "https://bugzilla.suse.com/1133678", }, { category: "self", summary: "SUSE Bug 1148788", url: "https://bugzilla.suse.com/1148788", }, { category: "self", summary: "SUSE Bug 1150345", url: "https://bugzilla.suse.com/1150345", }, { category: "self", summary: "SUSE 
Bug 1150366", url: "https://bugzilla.suse.com/1150366", }, { category: "self", summary: "SUSE Bug 1151190", url: "https://bugzilla.suse.com/1151190", }, { category: "self", summary: "SUSE Bug 1157498", url: "https://bugzilla.suse.com/1157498", }, { category: "self", summary: "SUSE Bug 1160285", url: "https://bugzilla.suse.com/1160285", }, { category: "self", summary: "SUSE Bug 1160764", url: "https://bugzilla.suse.com/1160764", }, { category: "self", summary: "SUSE Bug 1161335", url: "https://bugzilla.suse.com/1161335", }, { category: "self", summary: "SUSE Bug 1161779", url: "https://bugzilla.suse.com/1161779", }, { category: "self", summary: "SUSE Bug 1163588", url: "https://bugzilla.suse.com/1163588", }, { category: "self", summary: "SUSE Bug 1167163", url: "https://bugzilla.suse.com/1167163", }, { category: "self", summary: "SUSE Bug 1169614", url: "https://bugzilla.suse.com/1169614", }, { category: "self", summary: "SUSE Bug 1171164", url: "https://bugzilla.suse.com/1171164", }, { category: "self", summary: "SUSE Bug 1171173", url: "https://bugzilla.suse.com/1171173", }, { category: "self", summary: "SUSE Bug 1171569", url: "https://bugzilla.suse.com/1171569", }, { category: "self", summary: "SUSE Bug 1171580", url: "https://bugzilla.suse.com/1171580", }, { category: "self", summary: "SUSE Bug 1171686", url: "https://bugzilla.suse.com/1171686", }, { category: "self", summary: "SUSE Bug 1171879", url: "https://bugzilla.suse.com/1171879", }, { category: "self", summary: "SUSE Bug 1171882", url: "https://bugzilla.suse.com/1171882", }, { category: "self", summary: "SUSE Bug 1173221", url: "https://bugzilla.suse.com/1173221", }, { category: "self", summary: "SUSE Bug 1174504", url: "https://bugzilla.suse.com/1174504", }, { category: "self", summary: "SUSE Bug 1175720", url: "https://bugzilla.suse.com/1175720", }, { category: "self", summary: "SUSE Bug 1175867", url: "https://bugzilla.suse.com/1175867", }, { category: "self", summary: "SUSE Bug 1178475", url: 
"https://bugzilla.suse.com/1178475", }, { category: "self", summary: "SUSE Bug 1178476", url: "https://bugzilla.suse.com/1178476", }, { category: "self", summary: "SUSE Bug 1183669", url: "https://bugzilla.suse.com/1183669", }, { category: "self", summary: "SUSE CVE CVE-2019-3687 page", url: "https://www.suse.com/security/cve/CVE-2019-3687/", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2020-8013 page", url: "https://www.suse.com/security/cve/CVE-2020-8013/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2021-12-02T15:06:33Z", generator: { date: "2021-12-02T15:06:33Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2021:1520-1", initial_release_date: "2021-12-02T15:06:33Z", revision_history: [ { date: "2021-12-02T15:06:33Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-20200127-lp153.24.3.1.aarch64", product: { name: "permissions-20200127-lp153.24.3.1.aarch64", product_id: "permissions-20200127-lp153.24.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "permissions-20200127-lp153.24.3.1.i586", product: { name: "permissions-20200127-lp153.24.3.1.i586", product_id: "permissions-20200127-lp153.24.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", product: { name: "permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", product_id: "permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "permissions-20200127-lp153.24.3.1.ppc64le", 
product: { name: "permissions-20200127-lp153.24.3.1.ppc64le", product_id: "permissions-20200127-lp153.24.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "permissions-20200127-lp153.24.3.1.s390x", product: { name: "permissions-20200127-lp153.24.3.1.s390x", product_id: "permissions-20200127-lp153.24.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "permissions-20200127-lp153.24.3.1.x86_64", product: { name: "permissions-20200127-lp153.24.3.1.x86_64", product_id: "permissions-20200127-lp153.24.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "permissions-20200127-lp153.24.3.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", }, product_reference: "permissions-20200127-lp153.24.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "permissions-20200127-lp153.24.3.1.i586 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", }, product_reference: "permissions-20200127-lp153.24.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "permissions-20200127-lp153.24.3.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", }, product_reference: 
"permissions-20200127-lp153.24.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "permissions-20200127-lp153.24.3.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", }, product_reference: "permissions-20200127-lp153.24.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "permissions-20200127-lp153.24.3.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", }, product_reference: "permissions-20200127-lp153.24.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "permissions-zypp-plugin-20200127-lp153.24.3.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", }, product_reference: "permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, ], }, vulnerabilities: [ { cve: "CVE-2019-3687", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3687", }, ], notes: [ { category: "general", text: "The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the \"easy\" permission profile and sniff network traffic. 
This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-3687", url: "https://www.suse.com/security/cve/CVE-2019-3687", }, { category: "external", summary: "SUSE Bug 1148788 for CVE-2019-3687", url: "https://bugzilla.suse.com/1148788", }, { category: "external", summary: "SUSE Bug 1180102 for CVE-2019-3687", url: "https://bugzilla.suse.com/1180102", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", 
"openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-12-02T15:06:33Z", details: "moderate", }, ], title: "CVE-2019-3687", }, { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 
15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-12-02T15:06:33Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2020-8013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8013", }, ], notes: [ { category: "general", text: "A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. 
SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-8013", url: "https://www.suse.com/security/cve/CVE-2020-8013", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2020-8013", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.aarch64", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.i586", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.ppc64le", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.s390x", "openSUSE Leap 15.3:permissions-20200127-lp153.24.3.1.x86_64", "openSUSE Leap 15.3:permissions-zypp-plugin-20200127-lp153.24.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2021-12-02T15:06:33Z", 
details: "moderate", }, ], title: "CVE-2020-8013", }, ], }
opensuse-su-2019:2540-1
Vulnerability from csaf_opensuse
Published
2019-11-21 13:25
Modified
2019-11-21 13:25
Summary
Security update for squid
Notes
Title of the patch
Security update for squid
Description of the patch
This update for squid to version 4.9 fixes the following issues:
Security issues fixed:
- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).
- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).
- CVE-2019-12523, CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).
- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).
- CVE-2019-18678: Fixed incorrect message parsing which could have led to an HTTP request splitting issue (bsc#1156323).
- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).
Other issues addressed:
* Fixed DNS failures when a peer name was configured with any upper-case characters
* Fixed several rock cache_dir corruption issues
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2019-2540
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for squid", title: "Title of the patch", }, { category: "description", text: "This update for squid to version 4.9 fixes the following issues:\n\nSecurity issues fixed: \n\n- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).\n- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).\n- CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).\n- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).\n- CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323).\n- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).\n\nOther issues addressed:\n\n * Fixed DNS failures when peer name was configured with any upper case characters\n * Fixed several rock cache_dir corruption issues\n\nThis update was imported from the SUSE:SLE-15:Update update project.", title: "Description of the patch", }, { category: "details", text: "openSUSE-2019-2540", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: 
"self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_2540-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2019:2540-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5B7VIBHEUXO2VYU6NZTEL6I7K4WUKD7G/#5B7VIBHEUXO2VYU6NZTEL6I7K4WUKD7G", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2019:2540-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5B7VIBHEUXO2VYU6NZTEL6I7K4WUKD7G/#5B7VIBHEUXO2VYU6NZTEL6I7K4WUKD7G", }, { category: "self", summary: "SUSE Bug 1133089", url: "https://bugzilla.suse.com/1133089", }, { category: "self", summary: "SUSE Bug 1140738", url: "https://bugzilla.suse.com/1140738", }, { category: "self", summary: "SUSE Bug 1141329", url: "https://bugzilla.suse.com/1141329", }, { category: "self", summary: "SUSE Bug 1141330", url: "https://bugzilla.suse.com/1141330", }, { category: "self", summary: "SUSE Bug 1141332", url: "https://bugzilla.suse.com/1141332", }, { category: "self", summary: "SUSE Bug 1141442", url: "https://bugzilla.suse.com/1141442", }, { category: "self", summary: "SUSE Bug 1156323", url: "https://bugzilla.suse.com/1156323", }, { category: "self", summary: "SUSE Bug 1156324", url: "https://bugzilla.suse.com/1156324", }, { category: "self", summary: "SUSE Bug 1156326", url: "https://bugzilla.suse.com/1156326", }, { category: "self", summary: "SUSE Bug 1156328", url: "https://bugzilla.suse.com/1156328", }, { category: "self", summary: "SUSE Bug 1156329", url: "https://bugzilla.suse.com/1156329", }, { category: "self", summary: "SUSE CVE CVE-2019-12523 page", url: "https://www.suse.com/security/cve/CVE-2019-12523/", }, { category: "self", summary: "SUSE CVE CVE-2019-12525 page", url: "https://www.suse.com/security/cve/CVE-2019-12525/", }, { category: "self", summary: "SUSE CVE CVE-2019-12526 page", url: "https://www.suse.com/security/cve/CVE-2019-12526/", }, { 
category: "self", summary: "SUSE CVE CVE-2019-12527 page", url: "https://www.suse.com/security/cve/CVE-2019-12527/", }, { category: "self", summary: "SUSE CVE CVE-2019-12529 page", url: "https://www.suse.com/security/cve/CVE-2019-12529/", }, { category: "self", summary: "SUSE CVE CVE-2019-12854 page", url: "https://www.suse.com/security/cve/CVE-2019-12854/", }, { category: "self", summary: "SUSE CVE CVE-2019-13345 page", url: "https://www.suse.com/security/cve/CVE-2019-13345/", }, { category: "self", summary: "SUSE CVE CVE-2019-18676 page", url: "https://www.suse.com/security/cve/CVE-2019-18676/", }, { category: "self", summary: "SUSE CVE CVE-2019-18677 page", url: "https://www.suse.com/security/cve/CVE-2019-18677/", }, { category: "self", summary: "SUSE CVE CVE-2019-18678 page", url: "https://www.suse.com/security/cve/CVE-2019-18678/", }, { category: "self", summary: "SUSE CVE CVE-2019-18679 page", url: "https://www.suse.com/security/cve/CVE-2019-18679/", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, ], title: "Security update for squid", tracking: { current_release_date: "2019-11-21T13:25:53Z", generator: { date: "2019-11-21T13:25:53Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2019:2540-1", initial_release_date: "2019-11-21T13:25:53Z", revision_history: [ { date: "2019-11-21T13:25:53Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "squid-4.9-lp150.13.1.x86_64", product: { name: "squid-4.9-lp150.13.1.x86_64", product_id: "squid-4.9-lp150.13.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.0", product: { name: "openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0", product_identification_helper: { cpe: 
"cpe:/o:opensuse:leap:15.0", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "squid-4.9-lp150.13.1.x86_64 as component of openSUSE Leap 15.0", product_id: "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", }, product_reference: "squid-4.9-lp150.13.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.0", }, ], }, vulnerabilities: [ { cve: "CVE-2019-12523", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12523", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12523", url: "https://www.suse.com/security/cve/CVE-2019-12523", }, { category: "external", summary: "SUSE Bug 1156329 for CVE-2019-12523", url: "https://bugzilla.suse.com/1156329", }, { category: "external", summary: "SUSE Bug 1165586 for CVE-2019-12523", url: "https://bugzilla.suse.com/1165586", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { 
category: "impact", date: "2019-11-21T13:25:53Z", details: "important", }, ], title: "CVE-2019-12523", }, { cve: "CVE-2019-12525", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12525", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12525", url: "https://www.suse.com/security/cve/CVE-2019-12525", }, { category: "external", summary: "SUSE Bug 1141332 for CVE-2019-12525", url: "https://bugzilla.suse.com/1141332", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "important", }, ], title: "CVE-2019-12525", }, { cve: "CVE-2019-12526", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12526", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid before 4.9. 
URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker controlled data overflowing in the heap.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12526", url: "https://www.suse.com/security/cve/CVE-2019-12526", }, { category: "external", summary: "SUSE Bug 1156326 for CVE-2019-12526", url: "https://bugzilla.suse.com/1156326", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "important", }, ], title: "CVE-2019-12526", }, { cve: "CVE-2019-12527", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12527", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. 
Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12527", url: "https://www.suse.com/security/cve/CVE-2019-12527", }, { category: "external", summary: "SUSE Bug 1141330 for CVE-2019-12527", url: "https://bugzilla.suse.com/1141330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "critical", }, ], title: "CVE-2019-12527", }, { cve: "CVE-2019-12529", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12529", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. 
An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12529", url: "https://www.suse.com/security/cve/CVE-2019-12529", }, { category: "external", summary: "SUSE Bug 1141329 for CVE-2019-12529", url: "https://bugzilla.suse.com/1141329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "moderate", }, ], title: "CVE-2019-12529", }, { cve: "CVE-2019-12854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12854", }, ], notes: [ { category: "general", text: "Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. 
On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12854", url: "https://www.suse.com/security/cve/CVE-2019-12854", }, { category: "external", summary: "SUSE Bug 1141442 for CVE-2019-12854", url: "https://bugzilla.suse.com/1141442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "moderate", }, ], title: "CVE-2019-12854", }, { cve: "CVE-2019-13345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13345", }, ], notes: [ { category: "general", text: "The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13345", url: "https://www.suse.com/security/cve/CVE-2019-13345", }, { category: "external", summary: "SUSE Bug 1140738 for CVE-2019-13345", url: "https://bugzilla.suse.com/1140738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], 
}, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "moderate", }, ], title: "CVE-2019-13345", }, { cve: "CVE-2019-18676", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18676", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18676", url: "https://www.suse.com/security/cve/CVE-2019-18676", }, { category: "external", summary: "SUSE Bug 1156329 for CVE-2019-18676", url: "https://bugzilla.suse.com/1156329", }, { category: "external", summary: "SUSE Bug 1165586 for CVE-2019-18676", url: "https://bugzilla.suse.com/1165586", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "important", }, ], title: "CVE-2019-18676", }, { cve: "CVE-2019-18677", 
ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18677", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18677", url: "https://www.suse.com/security/cve/CVE-2019-18677", }, { category: "external", summary: "SUSE Bug 1156328 for CVE-2019-18677", url: "https://bugzilla.suse.com/1156328", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "important", }, ], title: "CVE-2019-18677", }, { cve: "CVE-2019-18678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18678", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. 
There are no effects on Squid itself, nor on any upstream servers. The issue is related to a request header containing whitespace between a header name and a colon.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18678", url: "https://www.suse.com/security/cve/CVE-2019-18678", }, { category: "external", summary: "SUSE Bug 1156323 for CVE-2019-18678", url: "https://bugzilla.suse.com/1156323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "moderate", }, ], title: "CVE-2019-18678", }, { cve: "CVE-2019-18679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18679", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. 
This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18679", url: "https://www.suse.com/security/cve/CVE-2019-18679", }, { category: "external", summary: "SUSE Bug 1156324 for CVE-2019-18679", url: "https://bugzilla.suse.com/1156324", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "moderate", }, ], title: "CVE-2019-18679", }, { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "openSUSE Leap 15.0:squid-4.9-lp150.13.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-21T13:25:53Z", details: "moderate", }, ], title: "CVE-2019-3688", }, ], }
gsd-2019-3688
Vulnerability from gsd
Modified
2023-12-13 01:24
Details
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromised the squid user to gain persistence by changing the binary.
Aliases
Aliases
{ GSD: { alias: "CVE-2019-3688", description: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", id: "GSD-2019-3688", references: [ "https://www.suse.com/security/cve/CVE-2019-3688.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2019-3688", ], details: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", id: "GSD-2019-3688", modified: "2023-12-13T01:24:04.674898Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security@suse.com", DATE_PUBLIC: "2018-05-15T00:00:00.000Z", ID: "CVE-2019-3688", STATE: "PUBLIC", TITLE: "squid: /usr/sbin/pinger packaged with wrong permission", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "SUSE Linux Enterprise Server 15", version: { version_data: [ { version_affected: "<=", version_name: "squid", version_value: "4.8-5.8.1", }, ], }, }, { product_name: "SUSE Linux Enterprise Server 12", version: { version_data: [ { version_affected: "<=", version_name: "squid", version_value: "3.5.21-26.17.1", }, ], }, }, ], }, vendor_name: "SUSE", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in 
SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", }, ], }, generator: { engine: "Vulnogram 0.0.8", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-276 Incorrect Default Permissions", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", refsource: "CONFIRM", url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { name: "openSUSE-SU-2019:2540", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { name: "openSUSE-SU-2019:2541", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { name: "openSUSE-SU-2019:2672", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, ], }, source: { advisory: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", defect: [ "1093414", ], discovery: "UNKNOWN", }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:ltss:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:ltss:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:suse_linux_enterprise_server:15:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp1:*:*:ltss:*:*:*", cpe_name: [], 
vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:suse:suse_linux_enterprise_server:15:sp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security@suse.com", ID: "CVE-2019-3688", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-276", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", refsource: "CONFIRM", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { name: "openSUSE-SU-2019:2541", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { name: "openSUSE-SU-2019:2540", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { name: "openSUSE-SU-2019:2672", refsource: "SUSE", tags: [], url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "NONE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:N/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 9.2, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { 
attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, }, }, lastModifiedDate: "2019-11-21T19:15Z", publishedDate: "2019-10-07T14:15Z", }, }, }
ghsa-mx4x-652m-w4fw
Vulnerability from github
Published
2022-05-24 16:58
Modified
2022-05-24 16:58
Details
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root ownership and 0750 permissions, i.e. the file was owned by (and therefore writable by) the unprivileged squid service user. This allowed an attacker who had already compromised the squid user to gain persistence by replacing or modifying the binary.
{ affected: [], aliases: [ "CVE-2019-3688", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2019-10-07T14:15:00Z", severity: "MODERATE", }, details: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", id: "GHSA-mx4x-652m-w4fw", modified: "2022-05-24T16:58:10Z", published: "2022-05-24T16:58:10Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3688", }, { type: "WEB", url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, ], schema_version: "1.4.0", severity: [], }
suse-su-2019:3180-1
Vulnerability from csaf_suse
Published
2019-12-05 10:42
Modified
2019-12-05 10:42
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
- CVE-2019-3688: Changed the wrong ownership (squid:root) of /usr/sbin/pinger to
  root:squid; the previous ownership could have allowed a compromised squid user
  to gain persistence by replacing the binary (bsc#1093414).
- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic
links (bsc#1150734).
- Fixed a regression which caused segmentation fault (bsc#1157198).
Patchnames
HPE-Helion-OpenStack-8-2019-3180,SUSE-2019-3180,SUSE-OpenStack-Cloud-7-2019-3180,SUSE-OpenStack-Cloud-8-2019-3180,SUSE-OpenStack-Cloud-Crowbar-8-2019-3180,SUSE-SLE-SAP-12-SP2-2019-3180,SUSE-SLE-SAP-12-SP3-2019-3180,SUSE-SLE-SERVER-12-SP2-2019-3180,SUSE-SLE-SERVER-12-SP2-BCL-2019-3180,SUSE-SLE-SERVER-12-SP3-2019-3180,SUSE-SLE-SERVER-12-SP3-BCL-2019-3180,SUSE-Storage-5-2019-3180
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\n- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid\n which could have allowed a squid user to gain persistence by changing the \n binary (bsc#1093414).\n- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic \n links (bsc#1150734).\n- Fixed a regression which caused segmentation fault (bsc#1157198).\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2019-3180,SUSE-2019-3180,SUSE-OpenStack-Cloud-7-2019-3180,SUSE-OpenStack-Cloud-8-2019-3180,SUSE-OpenStack-Cloud-Crowbar-8-2019-3180,SUSE-SLE-SAP-12-SP2-2019-3180,SUSE-SLE-SAP-12-SP3-2019-3180,SUSE-SLE-SERVER-12-SP2-2019-3180,SUSE-SLE-SERVER-12-SP2-BCL-2019-3180,SUSE-SLE-SERVER-12-SP3-2019-3180,SUSE-SLE-SERVER-12-SP3-BCL-2019-3180,SUSE-Storage-5-2019-3180", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3180-1.json", }, { category: "self", summary: "URL for 
SUSE-SU-2019:3180-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20193180-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:3180-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006211.html", }, { category: "self", summary: "SUSE Bug 1093414", url: "https://bugzilla.suse.com/1093414", }, { category: "self", summary: "SUSE Bug 1150734", url: "https://bugzilla.suse.com/1150734", }, { category: "self", summary: "SUSE Bug 1157198", url: "https://bugzilla.suse.com/1157198", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2019-12-05T10:42:59Z", generator: { date: "2019-12-05T10:42:59Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:3180-1", initial_release_date: "2019-12-05T10:42:59Z", revision_history: [ { date: "2019-12-05T10:42:59Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-2015.09.28.1626-17.20.1.aarch64", product: { name: "permissions-2015.09.28.1626-17.20.1.aarch64", product_id: "permissions-2015.09.28.1626-17.20.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "permissions-2015.09.28.1626-17.20.1.i586", product: { name: "permissions-2015.09.28.1626-17.20.1.i586", product_id: "permissions-2015.09.28.1626-17.20.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-2015.09.28.1626-17.20.1.ppc64le", product: { name: "permissions-2015.09.28.1626-17.20.1.ppc64le", product_id: 
"permissions-2015.09.28.1626-17.20.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "permissions-2015.09.28.1626-17.20.1.s390", product: { name: "permissions-2015.09.28.1626-17.20.1.s390", product_id: "permissions-2015.09.28.1626-17.20.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "permissions-2015.09.28.1626-17.20.1.s390x", product: { name: "permissions-2015.09.28.1626-17.20.1.s390x", product_id: "permissions-2015.09.28.1626-17.20.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "permissions-2015.09.28.1626-17.20.1.x86_64", product: { name: "permissions-2015.09.28.1626-17.20.1.x86_64", product_id: "permissions-2015.09.28.1626-17.20.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 7", product: { name: "SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:7", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product: { name: "SUSE Linux Enterprise Server 
for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp3", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 5", product: { name: "SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5", product_identification_helper: { cpe: "cpe:/o:suse:ses:5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: 
"permissions-2015.09.28.1626-17.20.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.s390x as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", }, product_reference: "permissions-2015.09.28.1626-17.20.1.s390x", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE OpenStack Cloud 7", product_id: "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 7", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", }, product_reference: "permissions-2015.09.28.1626-17.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP2", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", }, product_reference: "permissions-2015.09.28.1626-17.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", }, product_reference: "permissions-2015.09.28.1626-17.20.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", 
}, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", }, product_reference: "permissions-2015.09.28.1626-17.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", }, product_reference: "permissions-2015.09.28.1626-17.20.1.ppc64le", 
relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", }, product_reference: "permissions-2015.09.28.1626-17.20.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.aarch64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.aarch64", relates_to_product_reference: "SUSE Enterprise Storage 5", }, { category: "default_component_of", full_product_name: { name: "permissions-2015.09.28.1626-17.20.1.x86_64 as component of SUSE Enterprise Storage 5", product_id: "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", }, product_reference: "permissions-2015.09.28.1626-17.20.1.x86_64", 
relates_to_product_reference: "SUSE Enterprise Storage 5", }, ], }, vulnerabilities: [ { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP 
Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-12-05T10:42:59Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). 
This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { 
category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 
SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "HPE Helion OpenStack 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Enterprise Storage 5:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP2-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.aarch64", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 
SP2:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP2:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.s390x", "SUSE OpenStack Cloud 7:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud 8:permissions-2015.09.28.1626-17.20.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:permissions-2015.09.28.1626-17.20.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-12-05T10:42:59Z", details: "moderate", }, ], title: "CVE-2019-3690", }, ], }
suse-su-2019:3183-1
Vulnerability from csaf_suse
Published
2019-12-05 10:43
Modified
2019-12-05 10:43
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
Security issues fixed:
- CVE-2019-3688: Fixed the wrong ownership of /usr/sbin/pinger (now root:squid),
which could have allowed the squid user to gain persistence by changing the
binary (bsc#1093414).
- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic
links (bsc#1150734).
Other issues addressed:
- Corrected a badly constructed file that could have allowed the shell
environment to be treated as a permissions file (bsc#1097665,bsc#1047247).
- Fixed a regression which caused a segmentation fault (bsc#1157198).
Patchnames
SUSE-2019-3183,SUSE-SLE-DESKTOP-12-SP4-2019-3183,SUSE-SLE-SERVER-12-SP4-2019-3183,SUSE-SLE-SERVER-12-SP5-2019-3183
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\nSecurity issues fixed: \n\n- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid\n which could have allowed a squid user to gain persistence by changing the \n binary (bsc#1093414).\n- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic \n links (bsc#1150734).\t \n\nOther issue addressed: \n\n- Corrected a badly constracted file which could have allowed treating of the\n shell environment as permissions files (bsc#1097665,bsc#1047247).\n- Fixed a regression which caused sagmentation fault (bsc#1157198). 
\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-3183,SUSE-SLE-DESKTOP-12-SP4-2019-3183,SUSE-SLE-SERVER-12-SP4-2019-3183,SUSE-SLE-SERVER-12-SP5-2019-3183", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3183-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:3183-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20193183-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:3183-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006218.html", }, { category: "self", summary: "SUSE Bug 1047247", url: "https://bugzilla.suse.com/1047247", }, { category: "self", summary: "SUSE Bug 1093414", url: "https://bugzilla.suse.com/1093414", }, { category: "self", summary: "SUSE Bug 1097665", url: "https://bugzilla.suse.com/1097665", }, { category: "self", summary: "SUSE Bug 1150734", url: "https://bugzilla.suse.com/1150734", }, { category: "self", summary: "SUSE Bug 1157198", url: "https://bugzilla.suse.com/1157198", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2019-12-05T10:43:32Z", generator: { date: "2019-12-05T10:43:32Z", engine: { name: 
"cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:3183-1", initial_release_date: "2019-12-05T10:43:32Z", revision_history: [ { date: "2019-12-05T10:43:32Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-20170707-3.14.1.aarch64", product: { name: "permissions-20170707-3.14.1.aarch64", product_id: "permissions-20170707-3.14.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "permissions-20170707-3.14.1.i586", product: { name: "permissions-20170707-3.14.1.i586", product_id: "permissions-20170707-3.14.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-20170707-3.14.1.ppc64le", product: { name: "permissions-20170707-3.14.1.ppc64le", product_id: "permissions-20170707-3.14.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "permissions-20170707-3.14.1.s390", product: { name: "permissions-20170707-3.14.1.s390", product_id: "permissions-20170707-3.14.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "permissions-20170707-3.14.1.s390x", product: { name: "permissions-20170707-3.14.1.s390x", product_id: "permissions-20170707-3.14.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "permissions-20170707-3.14.1.x86_64", product: { name: "permissions-20170707-3.14.1.x86_64", product_id: "permissions-20170707-3.14.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP4", product: { name: "SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4", 
product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4", product: { name: "SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", }, product_reference: "permissions-20170707-3.14.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", }, product_reference: 
"permissions-20170707-3.14.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", }, product_reference: "permissions-20170707-3.14.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", }, product_reference: "permissions-20170707-3.14.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", }, product_reference: "permissions-20170707-3.14.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", }, product_reference: "permissions-20170707-3.14.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", }, product_reference: 
"permissions-20170707-3.14.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.s390x", }, product_reference: "permissions-20170707-3.14.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", }, product_reference: "permissions-20170707-3.14.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", }, product_reference: "permissions-20170707-3.14.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", }, product_reference: "permissions-20170707-3.14.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", }, 
product_reference: "permissions-20170707-3.14.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", }, product_reference: "permissions-20170707-3.14.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", }, product_reference: "permissions-20170707-3.14.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", }, product_reference: "permissions-20170707-3.14.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.s390x", }, product_reference: "permissions-20170707-3.14.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-3.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE 
Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", }, product_reference: "permissions-20170707-3.14.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise 
Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise 
Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-12-05T10:43:32Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: 
"CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", ], }, references: [ { category: "external", summary: 
"CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP 
Applications 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:permissions-20170707-3.14.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 
SP5:permissions-20170707-3.14.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-3.14.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-12-05T10:43:32Z", details: "moderate", }, ], title: "CVE-2019-3690", }, ], }
suse-su-2019:2975-1
Vulnerability from csaf_suse
Published
2019-11-14 16:02
Modified
2019-11-14 16:02
Summary
Security update for squid
Notes
Title of the patch
Security update for squid
Description of the patch
This update for squid to version 4.9 fixes the following issues:
Security issues fixed:
- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).
- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).
- CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).
- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).
- CVE-2019-18678: Fixed incorrect message parsing which could have led to an HTTP request splitting issue (bsc#1156323).
- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).
Other issues addressed:
* Fixed DNS failures when a peer name was configured with upper-case characters
* Fixed several rock cache_dir corruption issues
Patchnames
SUSE-2019-2975,SUSE-SLE-Module-Server-Applications-15-2019-2975,SUSE-SLE-Module-Server-Applications-15-SP1-2019-2975
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for squid", title: "Title of the patch", }, { category: "description", text: "This update for squid to version 4.9 fixes the following issues:\n\nSecurity issues fixed: \n\n- CVE-2019-13345: Fixed multiple cross-site scripting vulnerabilities in cachemgr.cgi (bsc#1140738).\n- CVE-2019-12526: Fixed potential remote code execution during URN processing (bsc#1156326).\n- CVE-2019-12523,CVE-2019-18676: Fixed multiple improper validations in URI processing (bsc#1156329).\n- CVE-2019-18677: Fixed Cross-Site Request Forgery in HTTP Request processing (bsc#1156328).\n- CVE-2019-18678: Fixed incorrect message parsing which could have led to HTTP request splitting issue (bsc#1156323).\n- CVE-2019-18679: Fixed information disclosure when processing HTTP Digest Authentication (bsc#1156324).\n\nOther issues addressed:\n\n * Fixed DNS failures when peer name was configured with any upper case characters\n * Fixed several rock cache_dir corruption issues\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-2975,SUSE-SLE-Module-Server-Applications-15-2019-2975,SUSE-SLE-Module-Server-Applications-15-SP1-2019-2975", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: 
"https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2975-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:2975-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192975-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:2975-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-November/006141.html", }, { category: "self", summary: "SUSE Bug 1133089", url: "https://bugzilla.suse.com/1133089", }, { category: "self", summary: "SUSE Bug 1140738", url: "https://bugzilla.suse.com/1140738", }, { category: "self", summary: "SUSE Bug 1141329", url: "https://bugzilla.suse.com/1141329", }, { category: "self", summary: "SUSE Bug 1141330", url: "https://bugzilla.suse.com/1141330", }, { category: "self", summary: "SUSE Bug 1141332", url: "https://bugzilla.suse.com/1141332", }, { category: "self", summary: "SUSE Bug 1141442", url: "https://bugzilla.suse.com/1141442", }, { category: "self", summary: "SUSE Bug 1156323", url: "https://bugzilla.suse.com/1156323", }, { category: "self", summary: "SUSE Bug 1156324", url: "https://bugzilla.suse.com/1156324", }, { category: "self", summary: "SUSE Bug 1156326", url: "https://bugzilla.suse.com/1156326", }, { category: "self", summary: "SUSE Bug 1156328", url: "https://bugzilla.suse.com/1156328", }, { category: "self", summary: "SUSE Bug 1156329", url: "https://bugzilla.suse.com/1156329", }, { category: "self", summary: "SUSE CVE CVE-2019-12523 page", url: "https://www.suse.com/security/cve/CVE-2019-12523/", }, { category: "self", summary: "SUSE CVE CVE-2019-12525 page", url: "https://www.suse.com/security/cve/CVE-2019-12525/", }, { category: "self", summary: "SUSE CVE CVE-2019-12526 page", url: "https://www.suse.com/security/cve/CVE-2019-12526/", }, { category: "self", summary: "SUSE CVE CVE-2019-12527 page", url: 
"https://www.suse.com/security/cve/CVE-2019-12527/", }, { category: "self", summary: "SUSE CVE CVE-2019-12529 page", url: "https://www.suse.com/security/cve/CVE-2019-12529/", }, { category: "self", summary: "SUSE CVE CVE-2019-12854 page", url: "https://www.suse.com/security/cve/CVE-2019-12854/", }, { category: "self", summary: "SUSE CVE CVE-2019-13345 page", url: "https://www.suse.com/security/cve/CVE-2019-13345/", }, { category: "self", summary: "SUSE CVE CVE-2019-18676 page", url: "https://www.suse.com/security/cve/CVE-2019-18676/", }, { category: "self", summary: "SUSE CVE CVE-2019-18677 page", url: "https://www.suse.com/security/cve/CVE-2019-18677/", }, { category: "self", summary: "SUSE CVE CVE-2019-18678 page", url: "https://www.suse.com/security/cve/CVE-2019-18678/", }, { category: "self", summary: "SUSE CVE CVE-2019-18679 page", url: "https://www.suse.com/security/cve/CVE-2019-18679/", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, ], title: "Security update for squid", tracking: { current_release_date: "2019-11-14T16:02:41Z", generator: { date: "2019-11-14T16:02:41Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:2975-1", initial_release_date: "2019-11-14T16:02:41Z", revision_history: [ { date: "2019-11-14T16:02:41Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "squid-4.9-5.11.1.aarch64", product: { name: "squid-4.9-5.11.1.aarch64", product_id: "squid-4.9-5.11.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "squid-4.9-5.11.1.i586", product: { name: "squid-4.9-5.11.1.i586", product_id: "squid-4.9-5.11.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: 
"squid-4.9-5.11.1.ppc64le", product: { name: "squid-4.9-5.11.1.ppc64le", product_id: "squid-4.9-5.11.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "squid-4.9-5.11.1.s390x", product: { name: "squid-4.9-5.11.1.s390x", product_id: "squid-4.9-5.11.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "squid-4.9-5.11.1.x86_64", product: { name: "squid-4.9-5.11.1.x86_64", product_id: "squid-4.9-5.11.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15", product: { name: "SUSE Linux Enterprise Module for Server Applications 15", product_id: "SUSE Linux Enterprise Module for Server Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product: { name: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-server-applications:15:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15", product_id: "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", }, product_reference: "squid-4.9-5.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15", product_id: 
"SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", }, product_reference: "squid-4.9-5.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15", product_id: "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", }, product_reference: "squid-4.9-5.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15", product_id: "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", }, product_reference: "squid-4.9-5.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", }, product_reference: "squid-4.9-5.11.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", }, product_reference: "squid-4.9-5.11.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.s390x as component of SUSE Linux Enterprise Module for Server 
Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", }, product_reference: "squid-4.9-5.11.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "squid-4.9-5.11.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1", product_id: "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", }, product_reference: "squid-4.9-5.11.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Server Applications 15 SP1", }, ], }, vulnerabilities: [ { cve: "CVE-2019-12523", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12523", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. 
This causes all access checks to be bypassed and allows access to restricted HTTP servers, e.g., an attacker can connect to HTTP servers that only listen on localhost.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12523", url: "https://www.suse.com/security/cve/CVE-2019-12523", }, { category: "external", summary: "SUSE Bug 1156329 for CVE-2019-12523", url: "https://bugzilla.suse.com/1156329", }, { category: "external", summary: "SUSE Bug 1165586 for CVE-2019-12523", url: "https://bugzilla.suse.com/1165586", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "important", }, ], title: "CVE-2019-12523", }, { cve: "CVE-2019-12525", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12525", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if this token's value starts with a quote and ends with one. If so, it performs a memcpy of its length minus 2. 
Squid never checks whether the value is just a single quote (which would satisfy its requirements), leading to a memcpy of its length minus 1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12525", url: "https://www.suse.com/security/cve/CVE-2019-12525", }, { category: "external", summary: "SUSE Bug 1141332 for CVE-2019-12525", url: "https://bugzilla.suse.com/1141332", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "important", }, ], title: "CVE-2019-12525", }, { cve: "CVE-2019-12526", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12526", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. 
This leads to attacker controlled data overflowing in the heap.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12526", url: "https://www.suse.com/security/cve/CVE-2019-12526", }, { category: "external", summary: "SUSE Bug 1156326 for CVE-2019-12526", url: "https://bugzilla.suse.com/1156326", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, 
baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "important", }, ], title: "CVE-2019-12526", }, { cve: "CVE-2019-12527", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12527", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. 
Squid does not check that the decoded length isn't greater than the buffer, leading to a heap-based buffer overflow with user controlled data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12527", url: "https://www.suse.com/security/cve/CVE-2019-12527", }, { category: "external", summary: "SUSE Bug 1141330 for CVE-2019-12527", url: "https://bugzilla.suse.com/1141330", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "critical", }, ], title: "CVE-2019-12527", }, { cve: "CVE-2019-12529", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12529", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checking its table. The length is then used to start decoding the string. There are no checks to ensure that the length it calculates isn't greater than the input buffer. This leads to adjacent memory being decoded as well. 
An attacker would not be able to retrieve the decoded data unless the Squid maintainer had configured the display of usernames on error pages.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12529", url: "https://www.suse.com/security/cve/CVE-2019-12529", }, { category: "external", summary: "SUSE Bug 1141329 for CVE-2019-12529", url: "https://bugzilla.suse.com/1141329", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "moderate", }, ], title: "CVE-2019-12529", }, { cve: "CVE-2019-12854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-12854", }, ], notes: [ { category: "general", text: "Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4.7 may access unallocated memory. 
On systems with memory access protections, this can cause the CGI process to terminate unexpectedly, resulting in a denial of service for all clients using it.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-12854", url: "https://www.suse.com/security/cve/CVE-2019-12854", }, { category: "external", summary: "SUSE Bug 1141442 for CVE-2019-12854", url: "https://bugzilla.suse.com/1141442", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server 
Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "moderate", }, ], title: "CVE-2019-12854", }, { cve: "CVE-2019-13345", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-13345", }, ], notes: [ { category: "general", text: "The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-13345", url: "https://www.suse.com/security/cve/CVE-2019-13345", }, { category: "external", summary: "SUSE Bug 1140738 for CVE-2019-13345", url: "https://bugzilla.suse.com/1140738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "moderate", }, ], title: "CVE-2019-13345", }, { cve: "CVE-2019-18676", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18676", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurring before normal security checks; any remote client that can reach the proxy port can trivially perform the attack via a crafted URI scheme.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18676", url: "https://www.suse.com/security/cve/CVE-2019-18676", }, { category: "external", summary: "SUSE Bug 1156329 for CVE-2019-18676", url: "https://bugzilla.suse.com/1156329", }, { category: "external", summary: "SUSE Bug 1165586 for CVE-2019-18676", url: "https://bugzilla.suse.com/1165586", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 
\"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "important", }, ], title: "CVE-2019-18676", }, { cve: "CVE-2019-18677", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18677", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not 
properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately redirect traffic to origins it should not be delivered to.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18677", url: "https://www.suse.com/security/cve/CVE-2019-18677", }, { category: "external", summary: "SUSE Bug 1156328 for CVE-2019-18677", url: "https://bugzilla.suse.com/1156328", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise 
Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "important", }, ], title: "CVE-2019-18677", }, { cve: "CVE-2019-18678", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18678", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (between a client and Squid) with attacker-controlled content at arbitrary URLs. Effects are isolated to software between the attacker client and Squid. There are no effects on Squid itself, nor on any upstream servers. 
The issue is related to a request header containing whitespace between a header name and a colon.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18678", url: "https://www.suse.com/security/cve/CVE-2019-18678", }, { category: "external", summary: "SUSE Bug 1156323 for CVE-2019-18678", url: "https://bugzilla.suse.com/1156323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { 
cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "moderate", }, ], title: "CVE-2019-18678", }, { cve: "CVE-2019-18679", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-18679", }, ], notes: [ { category: "general", text: "An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. 
This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-18679", url: "https://www.suse.com/security/cve/CVE-2019-18679", }, { category: "external", summary: "SUSE Bug 1156324 for CVE-2019-18679", url: "https://bugzilla.suse.com/1156324", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "moderate", }, ], title: "CVE-2019-18679", }, { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 
15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15 SP1:squid-4.9-5.11.1.x86_64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.aarch64", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.ppc64le", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.s390x", "SUSE Linux Enterprise Module for Server Applications 15:squid-4.9-5.11.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-11-14T16:02:41Z", details: "moderate", }, ], title: "CVE-2019-3688", }, ], }
suse-su-2019:3182-1
Vulnerability from csaf_suse
Published
2019-12-05 10:43
Modified
2019-12-05 10:43
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
- CVE-2019-3688: Changed the wrong ownership of /usr/sbin/pinger from squid:root to
  root:squid. With squid:root and mode 0750 the squid user owned the binary and therefore
  had write access to it, so an attacker who had compromised the squid user could gain
  persistence by replacing the binary. With root:squid the squid group keeps read and
  execute access but can no longer write to it (bsc#1093414).
- CVE-2019-3690: Fixed a local privilege escalation in chkstat, which followed untrusted
  symbolic links while traversing paths; a local attacker with control over a path
  traversed by chkstat could use this to escalate privileges (bsc#1150734).
- Fixed a regression which caused a segmentation fault (bsc#1157198).
Patchnames
SUSE-2019-3182,SUSE-SLE-Module-Basesystem-15-2019-3182
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\t \n- CVE-2019-3688: Changed wrong ownership in /usr/sbin/pinger to root:squid\n which could have allowed a squid user to gain persistence by changing the \n binary (bsc#1093414).\n- CVE-2019-3690: Fixed a privilege escalation through untrusted symbolic \n links (bsc#1150734).\n- Fixed a regression which caused sagmentation fault (bsc#1157198).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2019-3182,SUSE-SLE-Module-Basesystem-15-2019-3182", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_3182-1.json", }, { category: "self", summary: "URL for SUSE-SU-2019:3182-1", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20193182-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2019:3182-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2019-December/006217.html", }, { category: "self", summary: "SUSE Bug 1093414", url: 
"https://bugzilla.suse.com/1093414", }, { category: "self", summary: "SUSE Bug 1150734", url: "https://bugzilla.suse.com/1150734", }, { category: "self", summary: "SUSE Bug 1157198", url: "https://bugzilla.suse.com/1157198", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2019-12-05T10:43:17Z", generator: { date: "2019-12-05T10:43:17Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2019:3182-1", initial_release_date: "2019-12-05T10:43:17Z", revision_history: [ { date: "2019-12-05T10:43:17Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-20180125-3.18.1.aarch64", product: { name: "permissions-20180125-3.18.1.aarch64", product_id: "permissions-20180125-3.18.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.18.1.i586", product: { name: "permissions-20180125-3.18.1.i586", product_id: "permissions-20180125-3.18.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.18.1.ppc64le", product: { name: "permissions-20180125-3.18.1.ppc64le", product_id: "permissions-20180125-3.18.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.18.1.s390x", product: { name: "permissions-20180125-3.18.1.s390x", product_id: "permissions-20180125-3.18.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: 
"permissions-20180125-3.18.1.x86_64", product: { name: "permissions-20180125-3.18.1.x86_64", product_id: "permissions-20180125-3.18.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15", product: { name: "SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.18.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", }, product_reference: "permissions-20180125-3.18.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.18.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", }, product_reference: "permissions-20180125-3.18.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.18.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.s390x", }, product_reference: "permissions-20180125-3.18.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.18.1.x86_64 as component of SUSE Linux Enterprise Module for 
Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", }, product_reference: "permissions-20180125-3.18.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, ], }, vulnerabilities: [ { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 
15:permissions-20180125-3.18.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-12-05T10:43:17Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). 
This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", 
], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:permissions-20180125-3.18.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2019-12-05T10:43:17Z", details: "moderate", }, ], title: "CVE-2019-3690", }, ], }
suse-su-2021:2280-1
Vulnerability from csaf_suse
Published
2021-07-09 14:29
Modified
2021-07-09 14:29
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
- Fork package for 12-SP5 (bsc#1155939)
- make btmp root:utmp (bsc#1050467, bsc#1182899)
- pcp: remove no longer needed / conflicting entries (bsc#1171883). Fixes a potential security issue.
- do not follow symlinks that are the final path element (CVE-2020-8013, bsc#1163922)
- fix handling of relative directory symlinks in chkstat
- whitelist postgres sticky directories (bsc#1123886)
- fix regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594)
- fix capability handling when doing multiple permission changes at once (bsc#1161779)
- fix invalid free() when permfiles points to argv (bsc#1157198)
- the error should be reported for permfiles[i], not argv[i], as these are not the same files (bsc#1047247, bsc#1097665)
- fix /usr/sbin/pinger ownership from squid:root to root:squid so the squid user can no longer overwrite the binary (bsc#1093414, CVE-2019-3688)
- fix privilege escalation through untrusted symlinks (bsc#1150734, CVE-2019-3690)
Patchnames
SUSE-2021-2280,SUSE-SLE-SERVER-12-SP5-2021-2280
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\n- Fork package for 12-SP5 (bsc#1155939)\n- make btmp root:utmp (bsc#1050467, bsc#1182899)\n- pcp: remove no longer needed / conflicting entries (bsc#1171883). Fixes a potential security issue.\n- do not follow symlinks that are the final path element (CVE-2020-8013, bsc#1163922)\n- fix handling of relative directory symlinks in chkstat\n- whitelist postgres sticky directories (bsc#1123886)\n- fix regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594)\n- fix capability handling when doing multiple permission changes at once (bsc#1161779,\n- fix invalid free() when permfiles points to argv (bsc#1157198)\n- the eror should be reported for permfiles[i], not argv[i], as these are not the same files. 
(bsc#1047247, bsc#1097665)\n- fix /usr/sbin/pinger ownership to root:squid (bsc#1093414, CVE-2019-3688)\n- fix privilege escalation through untrusted symlinks (bsc#1150734, CVE-2019-3690)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2021-2280,SUSE-SLE-SERVER-12-SP5-2021-2280", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2280-1.json", }, { category: "self", summary: "URL for SUSE-SU-2021:2280-1", url: "https://www.suse.com/support/update/announcement/2021/suse-su-20212280-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2021:2280-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-July/009118.html", }, { category: "self", summary: "SUSE Bug 1047247", url: "https://bugzilla.suse.com/1047247", }, { category: "self", summary: "SUSE Bug 1050467", url: "https://bugzilla.suse.com/1050467", }, { category: "self", summary: "SUSE Bug 1093414", url: "https://bugzilla.suse.com/1093414", }, { category: "self", summary: "SUSE Bug 1097665", url: "https://bugzilla.suse.com/1097665", }, { category: "self", summary: "SUSE Bug 1123886", url: "https://bugzilla.suse.com/1123886", }, { category: "self", summary: "SUSE Bug 1150734", url: "https://bugzilla.suse.com/1150734", }, { category: "self", summary: "SUSE Bug 1155939", url: "https://bugzilla.suse.com/1155939", }, { category: "self", summary: "SUSE Bug 1157198", url: "https://bugzilla.suse.com/1157198", }, { 
category: "self", summary: "SUSE Bug 1160594", url: "https://bugzilla.suse.com/1160594", }, { category: "self", summary: "SUSE Bug 1160764", url: "https://bugzilla.suse.com/1160764", }, { category: "self", summary: "SUSE Bug 1161779", url: "https://bugzilla.suse.com/1161779", }, { category: "self", summary: "SUSE Bug 1163922", url: "https://bugzilla.suse.com/1163922", }, { category: "self", summary: "SUSE Bug 1171883", url: "https://bugzilla.suse.com/1171883", }, { category: "self", summary: "SUSE Bug 1182899", url: "https://bugzilla.suse.com/1182899", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, { category: "self", summary: "SUSE CVE CVE-2020-8013 page", url: "https://www.suse.com/security/cve/CVE-2020-8013/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2021-07-09T14:29:17Z", generator: { date: "2021-07-09T14:29:17Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2021:2280-1", initial_release_date: "2021-07-09T14:29:17Z", revision_history: [ { date: "2021-07-09T14:29:17Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-20170707-6.4.1.aarch64", product: { name: "permissions-20170707-6.4.1.aarch64", product_id: "permissions-20170707-6.4.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "permissions-20170707-6.4.1.i586", product: { name: "permissions-20170707-6.4.1.i586", product_id: "permissions-20170707-6.4.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-20170707-6.4.1.ppc64le", product: { name: 
"permissions-20170707-6.4.1.ppc64le", product_id: "permissions-20170707-6.4.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "permissions-20170707-6.4.1.s390", product: { name: "permissions-20170707-6.4.1.s390", product_id: "permissions-20170707-6.4.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "permissions-20170707-6.4.1.s390x", product: { name: "permissions-20170707-6.4.1.s390x", product_id: "permissions-20170707-6.4.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "permissions-20170707-6.4.1.x86_64", product: { name: "permissions-20170707-6.4.1.x86_64", product_id: "permissions-20170707-6.4.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "permissions-20170707-6.4.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", }, product_reference: "permissions-20170707-6.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", 
full_product_name: { name: "permissions-20170707-6.4.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", }, product_reference: "permissions-20170707-6.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-6.4.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", }, product_reference: "permissions-20170707-6.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-6.4.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", }, product_reference: "permissions-20170707-6.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-6.4.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", }, product_reference: "permissions-20170707-6.4.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-6.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", }, product_reference: "permissions-20170707-6.4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: 
"permissions-20170707-6.4.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", }, product_reference: "permissions-20170707-6.4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "permissions-20170707-6.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", }, product_reference: "permissions-20170707-6.4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. 
This allowed an attacker that compromised the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise 
Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-07-09T14:29:17Z", details: "moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). 
This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux 
Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-07-09T14:29:17Z", details: "moderate", }, ], title: "CVE-2019-3690", }, { cve: "CVE-2020-8013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8013", }, ], notes: [ { category: "general", text: "A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries 
on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8013", url: "https://www.suse.com/security/cve/CVE-2020-8013", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2020-8013", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", 
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server 12 SP5:permissions-20170707-6.4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:permissions-20170707-6.4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2021-07-09T14:29:17Z", details: "moderate", }, ], title: "CVE-2020-8013", }, ], }
suse-su-2020:1163-1
Vulnerability from csaf_suse
Published
2020-05-04 07:45
Modified
2020-05-04 07:45
Summary
Security update for permissions
Notes
Title of the patch
Security update for permissions
Description of the patch
This update for permissions fixes the following issues:
Security issue fixed:
- CVE-2020-8013: Fixed a local privilege escalation with mrsh and wodim (bsc#1163922).
Non-security issues fixed:
- Fixed regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594)
- Fixed capability handling when doing multiple permission changes at once (bsc#1161779)
- Fixed handling of relative directory symlinks in chkstat
Patchnames
SUSE-2020-1163,SUSE-SLE-Product-HPC-15-2020-1163,SUSE-SLE-Product-SLES-15-2020-1163,SUSE-SLE-Product-SLES_SAP-15-2020-1163
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for permissions", title: "Title of the patch", }, { category: "description", text: "This update for permissions fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2020-8013: Fixed a local privilege escalation with mrsh and wodim (bsc#1163922).\n\nNon-security issues fixed:\n\n- Fixed regression where chkstat breaks without /proc available (bsc#1160764, bsc#1160594)\n- Fixed capability handling when doing multiple permission changes at once (bsc#1161779)\n- Fixed handling of relative directory symlinks in chkstat\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2020-1163,SUSE-SLE-Product-HPC-15-2020-1163,SUSE-SLE-Product-SLES-15-2020-1163,SUSE-SLE-Product-SLES_SAP-15-2020-1163", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_1163-1.json", }, { category: "self", summary: "URL for SUSE-SU-2020:1163-1", url: "https://www.suse.com/support/update/announcement/2020/suse-su-20201163-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2020:1163-1", url: 
"https://lists.suse.com/pipermail/sle-security-updates/2020-May/006772.html", }, { category: "self", summary: "SUSE Bug 1160594", url: "https://bugzilla.suse.com/1160594", }, { category: "self", summary: "SUSE Bug 1160764", url: "https://bugzilla.suse.com/1160764", }, { category: "self", summary: "SUSE Bug 1161779", url: "https://bugzilla.suse.com/1161779", }, { category: "self", summary: "SUSE Bug 1163922", url: "https://bugzilla.suse.com/1163922", }, { category: "self", summary: "SUSE CVE CVE-2019-3688 page", url: "https://www.suse.com/security/cve/CVE-2019-3688/", }, { category: "self", summary: "SUSE CVE CVE-2019-3690 page", url: "https://www.suse.com/security/cve/CVE-2019-3690/", }, { category: "self", summary: "SUSE CVE CVE-2020-8013 page", url: "https://www.suse.com/security/cve/CVE-2020-8013/", }, ], title: "Security update for permissions", tracking: { current_release_date: "2020-05-04T07:45:16Z", generator: { date: "2020-05-04T07:45:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2020:1163-1", initial_release_date: "2020-05-04T07:45:16Z", revision_history: [ { date: "2020-05-04T07:45:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "permissions-20180125-3.21.1.aarch64", product: { name: "permissions-20180125-3.21.1.aarch64", product_id: "permissions-20180125-3.21.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.21.1.i586", product: { name: "permissions-20180125-3.21.1.i586", product_id: "permissions-20180125-3.21.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.21.1.ppc64le", product: { name: "permissions-20180125-3.21.1.ppc64le", product_id: "permissions-20180125-3.21.1.ppc64le", }, }, ], category: 
"architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.21.1.s390x", product: { name: "permissions-20180125-3.21.1.s390x", product_id: "permissions-20180125-3.21.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "permissions-20180125-3.21.1.x86_64", product: { name: "permissions-20180125-3.21.1.x86_64", product_id: "permissions-20180125-3.21.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-espos:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15-LTSS", product: { name: "SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.aarch64 as component of SUSE 
Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", }, product_reference: "permissions-20180125-3.21.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", product_id: "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", }, product_reference: "permissions-20180125-3.21.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-ESPOS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", }, product_reference: "permissions-20180125-3.21.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", }, product_reference: "permissions-20180125-3.21.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", }, product_reference: "permissions-20180125-3.21.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 
15-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", }, product_reference: "permissions-20180125-3.21.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", }, product_reference: "permissions-20180125-3.21.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", }, product_reference: "permissions-20180125-3.21.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", }, product_reference: "permissions-20180125-3.21.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "permissions-20180125-3.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", }, product_reference: "permissions-20180125-3.21.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, ], }, 
vulnerabilities: [ { cve: "CVE-2019-3688", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3688", }, ], notes: [ { category: "general", text: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromised the squid user to gain persistence by changing the binary", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3688", url: "https://www.suse.com/security/cve/CVE-2019-3688", }, { category: "external", summary: "SUSE Bug 1093414 for CVE-2019-3688", url: "https://bugzilla.suse.com/1093414", }, { category: "external", summary: "SUSE Bug 1149108 for CVE-2019-3688", url: "https://bugzilla.suse.com/1149108", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", 
product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-05-04T07:45:16Z", details: 
"moderate", }, ], title: "CVE-2019-3688", }, { cve: "CVE-2019-3690", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2019-3690", }, ], notes: [ { category: "general", text: "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2019-3690", url: "https://www.suse.com/security/cve/CVE-2019-3690", }, { category: "external", summary: "SUSE Bug 1148336 for CVE-2019-3690", url: "https://bugzilla.suse.com/1148336", }, { category: "external", summary: "SUSE Bug 1150734 for CVE-2019-3690", url: "https://bugzilla.suse.com/1150734", }, { category: "external", summary: "SUSE Bug 1157880 for CVE-2019-3690", url: "https://bugzilla.suse.com/1157880", }, { category: "external", summary: "SUSE Bug 1157883 for CVE-2019-3690", url: 
"https://bugzilla.suse.com/1157883", }, { category: "external", summary: "SUSE Bug 1160594 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160594", }, { category: "external", summary: "SUSE Bug 1160764 for CVE-2019-3690", url: "https://bugzilla.suse.com/1160764", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2019-3690", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 
15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-05-04T07:45:16Z", details: "moderate", }, ], title: "CVE-2019-3690", }, { cve: "CVE-2020-8013", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-8013", }, ], notes: [ { category: "general", text: "A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. 
SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2020-8013", url: "https://www.suse.com/security/cve/CVE-2020-8013", }, { category: "external", summary: "SUSE Bug 1163922 for CVE-2020-8013", url: "https://bugzilla.suse.com/1163922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", 
"SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.8, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise High Performance Computing 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.aarch64", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:permissions-20180125-3.21.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:permissions-20180125-3.21.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2020-05-04T07:45:16Z", details: "moderate", }, ], title: "CVE-2020-8013", }, ], }
fkie_cve-2019-3688
Vulnerability from fkie_nvd
Published
2019-10-07 14:15
Modified
2024-11-21 04:42
Severity ?
5.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 was installed with squid:root ownership and 0750 permissions. This allowed an attacker who had compromised the squid user to gain persistence by modifying the binary.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 15 | |
suse | suse_linux_enterprise_server | 15 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp1:*:*:ltss:*:*:*", matchCriteriaId: "4BF3B54D-9CE7-44A3-89FB-7747FADBD361", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:ltss:*:*:*", matchCriteriaId: "0F45BC40-F836-447D-A5B3-8A7FCF64A82E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:ltss:*:*:*", matchCriteriaId: "DC4D0498-D6FB-4A73-B053-895AC60A4DEB", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:15:-:*:*:*:*:*:*", matchCriteriaId: "873082AA-2F7B-44C8-89D2-4DD48673BAE9", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:15:sp1:*:*:*:*:*:*", matchCriteriaId: "7642C831-6063-4405-A352-431CE374458A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary", }, { lang: "es", value: "El binario /usr/sbin/pinger empaquetado con squid en SUSE Linux Enterprise Server 15 anterior e incluyendo la versión 4.8-5.8.1 y en SUSE Linux Enterprise Server 12 anterior e incluyendo la versión 3.5.21-26.17.1, presenta squid:root, permisos 0750 . 
Esto permitió a un atacante que comprometía al usuario squid conseguir persistencia al cambiar el binario.", }, ], id: "CVE-2019-3688", lastModified: "2024-11-21T04:42:20.127", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "NONE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:N/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 9.2, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 2.5, source: "meissner@suse.de", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-07T14:15:11.977", references: [ { source: "meissner@suse.de", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { source: "meissner@suse.de", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { source: "meissner@suse.de", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, { 
source: "meissner@suse.de", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1093414", }, ], sourceIdentifier: "meissner@suse.de", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-276", }, ], source: "meissner@suse.de", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-276", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }