摘要:
A Improper Link Resolution Before File Access ( Link Following ) vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.
安全等级: Low
公告ID: KylinSec-SA-2022-2604
发布日期: 2022年11月11日
关联CVE: CVE-2022-31256
A Improper Link Resolution Before File Access ( Link Following ) vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2022-31256 | KY3.4-4A | sendmail | Unaffected |
| CVE-2022-31256 | KY3.4-5 | sendmail | Unaffected |
| CVE-2022-31256 | KY3.5.1 | sendmail | Unaffected |
