Oval Definition:oval:org.opensuse.security:def:202144225
Revision Date:2022-09-02Version:1
Title:CVE-2021-44225
Description:

In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This leads to access-control bypass in some situations in which an unrelated D-Bus system service has a settable (writable) property
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-44225
SUSE CVE-2021-44225
SUSE-SU-2022:2923-1
Platform(s):openSUSE Tumbleweed
SUSE Linux Enterprise High Availability 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND keepalived-2.2.7-1.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND keepalived is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND keepalived is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 SP2 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP2 is installed
  • OR SUSE Linux Enterprise Server 15 SP2 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • OR SUSE Manager Proxy 4.1 is installed
  • OR SUSE Manager Retail Branch Server 4.1 is installed
  • OR SUSE Manager Server 4.1 is installed
  • AND keepalived-2.0.19-150100.3.6.1 is installed
    • BACK