Descriptionenlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Security Advisories:
- openSUSE-SU-2022:10153-1, published Wed Oct 19 10:43:16 2022
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Package Hub 15 SP4|| ||Patchnames: |
|openSUSE Leap 15.4|| ||Patchnames: |
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA enlightenment-0.25.4-1.1
SUSE Timeline for this CVECVE page created: Wed Sep 21 16:00:37 2022
CVE page last modified: Mon Feb 20 10:26:44 2023