high
7.8
CWE
61
Advisory Published
Updated

CVE-2020-8019: syslog-ng: Local privilege escalation from new to root in %post

First published: Mon Jun 29 2020(Updated: )

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server 11-SP4-LTSS syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server for SAP 12-SP1 syslog-ng versions prior to 3.6.4-12.8.1. openSUSE Backports SLE-15-SP1 syslog-ng versions prior to 3.19.1-bp151.4.6.1. openSUSE Leap 15.1 syslog-ng versions prior to 3.19.1-lp151.3.6.1.

Credit: meissner@suse.de

Affected SoftwareAffected VersionHow to fix
Oneidentity Syslog-ng<2.0.9-27.34.40.5.1
SUSE Linux Enterprise Debuginfo=11-sp3
SUSE Linux Enterprise Debuginfo=11-sp4
Oneidentity Syslog-ng<3.6.4-12.8.1
SUSE Linux Enterprise Module for Legacy=12
SUSE Linux Enterprise Point of Sale=11-sp3
SUSE Linux Enterprise Server=11-sp4
Suse Linux Enterprise Server Sap=12-sp1
Oneidentity Syslog-ng<3.19.1-bp151.4.6.1
openSUSE Backports SLE=15.0-sp1
Oneidentity Syslog-ng<3.19.1-lp151.3.6.1
openSUSE Leap=15.1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is CVE-2020-8019?

    CVE-2020-8019 is a UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4.

  • How severe is CVE-2020-8019?

    CVE-2020-8019 has a severity score of 7.8 (high).

  • What software is affected by CVE-2020-8019?

    Syslog-ng with versions 2.0.9-27.34.40.5.1, 3.6.4-12.8.1, and 3.19.1-bp151.4.6.1 are affected, as well as SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, and SUSE Linux Enterprise Server 11-SP4.

  • How can I fix CVE-2020-8019?

    Apply the latest patch or update provided by SUSE to fix CVE-2020-8019.

  • Where can I find more information about CVE-2020-8019?

    You can find more information about CVE-2020-8019 on the SUSE bugzilla website at https://bugzilla.suse.com/show_bug.cgi?id=1169385.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203