SUSE update for Security Beta update for SUSE Manager Client Tools and Salt



Risk Medium
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2016-8647
CVE-2016-9587
CVE-2017-7466
CVE-2017-7550
CVE-2018-10874
CVE-2020-14365
CVE-2023-5764
CVE-2023-6152
CVE-2024-0690
CWE-ID CWE-20
CWE-532
CWE-264
CWE-347
CWE-94
CWE-863
CWE-401
Exploitation vector Network
Public exploit Public exploit code for vulnerability #2 is available.
Vulnerable software
SUSE Linux Enterprise Real Time 15
Operating systems & Components / Operating system

openSUSE Leap
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Server 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop 15
Operating systems & Components / Operating system

SUSE Manager Client Tools Beta for SLE Micro
Operating systems & Components / Operating system

SUSE Manager Client Tools Beta for SLE
Operating systems & Components / Operating system

SUSE Linux Enterprise Micro
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing 15
Operating systems & Components / Operating system

SUSE Linux Enterprise Desktop
Operating systems & Components / Operating system

SUSE Linux Enterprise Server
Operating systems & Components / Operating system

SUSE Linux Enterprise High Performance Computing
Operating systems & Components / Operating system

SUSE Linux Enterprise Server for SAP Applications
Operating systems & Components / Operating system

golang-github-prometheus-node_exporter
Operating systems & Components / Operating system package or component

grafana
Operating systems & Components / Operating system package or component

grafana-debuginfo
Operating systems & Components / Operating system package or component

mgrctl
Operating systems & Components / Operating system package or component

python3-spacewalk-client-setup
Operating systems & Components / Operating system package or component

spacewalk-check
Operating systems & Components / Operating system package or component

mgrctl-bash-completion
Operating systems & Components / Operating system package or component

POS_Image-JeOS7
Operating systems & Components / Operating system package or component

spacewalk-client-tools
Operating systems & Components / Operating system package or component

dracut-saltboot
Operating systems & Components / Operating system package or component

spacewalk-client-setup
Operating systems & Components / Operating system package or component

POS_Image-Graphical7
Operating systems & Components / Operating system package or component

python3-spacewalk-client-tools
Operating systems & Components / Operating system package or component

mgrctl-zsh-completion
Operating systems & Components / Operating system package or component

supportutils-plugin-susemanager-client
Operating systems & Components / Operating system package or component

spacecmd
Operating systems & Components / Operating system package or component

python3-spacewalk-check
Operating systems & Components / Operating system package or component

ansible-doc
Operating systems & Components / Operating system package or component

ansible
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Improper input validation

EUVDB-ID: #VU7411

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2016-8647

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows an adjacent attacker to bypass security restrictions on the target system.

The weakness exists due to input validation error in Ansible's mysql_user module that may lead to incorrect password changing. An adjacent attacker can use the previous password and bypass security restrictions.

Successful exploitation of the vulnerability may result in access to the system.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper input validation

EUVDB-ID: #VU6639

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2016-9587,CVE-2017-7466

CWE-ID: CWE-20 - Improper input validation

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing responses, send by clients to Ansible server. A remote client can send a specially crafted response and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

3) Information disclosure through log files

EUVDB-ID: #VU12555

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-7550

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to improper passing of certain parameters to the jenkins_plugin module. A remote attacker can gain access to potentially sensitive sensitive information from a remote host's logs.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Privilege escalation

EUVDB-ID: #VU14157

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear]

CVE-ID: CVE-2018-10874

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to the system reads the 'ansible.cfg' file from the current working directory when running an ad-hoc command. A local attacker can modify the file to reference arbitrary plugin or module paths and execute arbitrary code from those paths with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper Verification of Cryptographic Signature

EUVDB-ID: #VU47274

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-14365

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

Exploit availability: No

Description

The vulnerability allows a local authenticated user to #BASIC_IMPACT#.

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Code Injection

EUVDB-ID: #VU84381

Risk: Medium

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-5764

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when handling templates. A remote user can remove the unsafe designation from template data and execute arbitrary code on the system.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Incorrect authorization

EUVDB-ID: #VU89210

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6152

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass email verification.

The vulnerability exists due to email addresses are verified only during sign up, if "verify_email_enabled" option is set. A remote attacker can register an account and then set an arbitrary email address without verification.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Memory leak

EUVDB-ID: #VU85621

Risk: Low

CVSSv4.0: [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-0690

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due memory leak caused by a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. A local user can gain access to potentially sensitive information.

Mitigation

Update the affected package Security Beta update for SUSE Manager Client Tools and Salt to the latest version.

Vulnerable software versions

SUSE Linux Enterprise Real Time 15: SP1 - SP6

openSUSE Leap: 15.3 - 15.6

SUSE Linux Enterprise Server for SAP Applications 15: SP1 - SP6

SUSE Linux Enterprise Server 15: SP1 - SP6

SUSE Linux Enterprise Desktop 15: SP1 - SP6

SUSE Manager Client Tools Beta for SLE Micro: 5

SUSE Manager Client Tools Beta for SLE: 15

SUSE Linux Enterprise Micro: 5.0 - 5.5

SUSE Linux Enterprise High Performance Computing 15: SP1 - SP5

SUSE Linux Enterprise Desktop: 15-SP1

SUSE Linux Enterprise Server: 15-SP3-LTSS

SUSE Linux Enterprise High Performance Computing: 15-SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications: 15

golang-github-prometheus-node_exporter: before 1.5.0-159000.6.2.1

grafana: before 9.5.16-159000.4.30.2

grafana-debuginfo: before 9.5.16-159000.4.30.2

mgrctl: before 0.1.7-159000.3.8.1

python3-spacewalk-client-setup: before 5.0.4-159000.6.54.2

spacewalk-check: before 5.0.4-159000.6.54.2

mgrctl-bash-completion: before 0.1.7-159000.3.8.1

POS_Image-JeOS7: before 0.1.1710765237.46af599-159000.3.24.2

spacewalk-client-tools: before 5.0.4-159000.6.54.2

dracut-saltboot: before 0.1.1710765237.46af599-159000.3.33.2

spacewalk-client-setup: before 5.0.4-159000.6.54.2

POS_Image-Graphical7: before 0.1.1710765237.46af599-159000.3.24.2

python3-spacewalk-client-tools: before 5.0.4-159000.6.54.2

mgrctl-zsh-completion: before 0.1.7-159000.3.8.1

supportutils-plugin-susemanager-client: before 5.0.3-159000.6.21.2

spacecmd: before 5.0.5-159000.6.48.2

python3-spacewalk-check: before 5.0.4-159000.6.54.2

ansible-doc: before 2.9.27-159000.3.12.2

ansible: before 2.9.27-159000.3.12.2

CPE2.3 External links

http://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###