Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
race condition in the packaging of texlive-filesysten
Vulnerability Description
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local users to corrupt files or potentially escalate privileges. This issue affects: SUSE Linux Enterprise Module for Desktop Applications 15-SP1 texlive-filesystem versions prior to 2017.135-9.5.1. SUSE Linux Enterprise Software Development Kit 12-SP4 texlive-filesystem versions prior to 2013.74-16.5.1. SUSE Linux Enterprise Software Development Kit 12-SP5 texlive-filesystem versions prior to 2013.74-16.5.1. openSUSE Leap 15.1 texlive-filesystem versions prior to 2017.135-lp151.8.3.1.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
检查时间与使用时间(TOCTOU)的竞争条件
Vulnerability Title
SUSE openSUSE 竞争条件问题漏洞
Vulnerability Description
openSUSE是德国SUSE公司的一套基于Linux的自由操作系统与开源社区项目。 多款SUSE产品中的texlive-filesystem存在竞争条件问题漏洞。攻击者可利用该漏洞损坏文件或可能提升权限。以下产品及版本受到影响:SUSE Linux Enterprise Module for Desktop Applications 15-SP1版本(texlive-filesystem 2017.135-9.5.1之前版本);SUSE Linux Enterprise Software Develop
CVSS Information
N/A
Vulnerability Type
N/A