Security update for EternalTerminal
This update for EternalTerminal fixes the following issues:
Update to 6.2.1:
* CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC socket (boo#1202435)
* CVE-2022-24950: Fixed privilege escalation to root (boo#1202434)
* CVE-2022-24951: Fixed DoS triggered remotely by invalid sequence numbers (boo#1202433)
* CVE-2022-24952: Fixed race condition allows authenticated attacker to hijack other users' SSH authorization socket (boo#1202432)
-
Submitted by
Michael Vetter (jubalh)
Fixed bugs
bnc#1202433
VUL-0: CVE-2022-24951: EternalTerminal: race condition allows local attacker to hijack IPC socket
bnc#1202435
VUL-0: CVE-2022-24949: EternalTerminal: privilege escalation to root
bnc#1202432
VUL-0: CVE-2022-24952: EternalTerminal: DoS triggered remotely by invalid sequence numbers
bnc#1202434
VUL-0: CVE-2022-24950: EternalTerminal: race condition allows authenticated attacker to hijack other users' SSH authorization socket
