Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

SUSE: 2022:0090-2 Critical: crmsh Privilege Escalation Update

suse
Calendar Grey January 12, 2021
Scroller Suse Esm H88
SUSE Security Patch for crmsh addresses a privilege escalation vulnerability identified as CVE-2020-35459. Critical update accessible immediately.
An update that fixes one vulnerability is now available

Summary

This update for crmsh fixes the following issue: - CVE-2020-35459: Fixed a privilege escalation in hawk_invoke (bsc#1179999). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Availability 15-SP1: zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2021-85=1 Package List: - SUSE Linux Enterprise High Availability 15-SP1 (noarch): crmsh-4.2.0+git.1607075079.a25648d8-3.51.1 crmsh-scripts-4.2.0+git.1607075079.a25648d8-3.51.1

References

#1179999

Cross- CVE-2020-35459

Affected Products:

SUSE Linux Enterprise High Availability 15-SP1

https://www.suse.com/security/cve/CVE-2020-35459.html

https://bugzilla.suse.com/1179999

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:0085-1
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.