vulnerability

SUSE: CVE-2019-18901: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:N/I:P/A:N)	Feb 26, 2020	Mar 3, 2020	Feb 4, 2022

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:P/A:N)

Published

Feb 26, 2020

Added

Mar 3, 2020

Modified

Feb 4, 2022

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1.

Solutions

suse-upgrade-libmariadbd-develsuse-upgrade-libmariadbd19suse-upgrade-libmysqld-develsuse-upgrade-libmysqld19suse-upgrade-mariadbsuse-upgrade-mariadb-benchsuse-upgrade-mariadb-clientsuse-upgrade-mariadb-errormessagessuse-upgrade-mariadb-galerasuse-upgrade-mariadb-testsuse-upgrade-mariadb-tools

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report