Oval Definition:	oval:org.opensuse.security:def:20221348
Revision Date: 2023-06-22 Version: 1 Title: CVE-2022-1348 Description: A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permission, allowing an unprivileged user to lock the state file, stopping any rotation. This flaw affects logrotate versions before 3.20.0. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2022-1348 SUSE CVE-2022-1348 SUSE-IU-2022:953-1 SUSE-IU-2022:954-1 SUSE-IU-2022:955-1 SUSE-SU-2022:2396-1 SUSE-CU-2022:2149-1 Platform(s): Image SLES15-SP4-Manager-Proxy-4-3-BYOS Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE openSUSE Tumbleweed SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Micro 5.0 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Real Time 15 SP2 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 Product(s): Definition Synopsis openSUSE Tumbleweed is installed AND logrotate-3.20.1-1.1 is installed Definition Synopsis SUSE Linux Enterprise Micro 5.0 is installed AND logrotate is not affected Definition Synopsis SUSE Linux Enterprise Micro 5.1 is installed AND logrotate is not affected Definition Synopsis SUSE Linux Enterprise Micro 5.2 is installed AND logrotate is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP4 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND logrotate-3.18.1-150400.3.7.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP4 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed OR SUSE Linux Enterprise Server 15 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed OR SUSE Manager Proxy 4.3 is installed OR SUSE Manager Retail Branch Server 4.3 is installed OR SUSE Manager Server 4.3 is installed AND logrotate-3.18.1-150400.3.7.1 is installed OR Package Information Image SLES15-SP4-Manager-Proxy-4-3-BYOS is installed OR Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure is installed OR Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 is installed OR Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE is installed OR Image SLES15-SP4-Manager-Server-4-3-BYOS is installed OR Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure is installed OR Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 is installed OR Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE is installed AND logrotate-3.18.1-150400.3.7.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Real Time 15 SP2 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed AND logrotate is not affected Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND logrotate is not affected Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 12 SP5 is installed OR SUSE Linux Enterprise Server 12 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND logrotate is not affected Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND logrotate-3.18.1-150400.3.7.1 is installed
BACK