Overview

File _patchinfo of Package patchinfo.17726

<patchinfo incident="17726">
  <issue tracker="cve" id="2022-24950"/>
  <issue tracker="cve" id="2022-24951"/>
  <issue tracker="cve" id="2022-24952"/>
  <issue tracker="cve" id="2022-24949"/>
  <issue tracker="bnc" id="1202433">VUL-0: CVE-2022-24951: EternalTerminal: race condition allows local attacker to hijack IPC socket</issue>
  <issue tracker="bnc" id="1202435">VUL-0: CVE-2022-24949: EternalTerminal: privilege escalation to root</issue>
  <issue tracker="bnc" id="1202432">VUL-0: CVE-2022-24952: EternalTerminal: DoS triggered remotely by invalid sequence numbers</issue>
  <issue tracker="bnc" id="1202434">VUL-0: CVE-2022-24950: EternalTerminal: race condition allows authenticated attacker to hijack other users' SSH authorization socket</issue>
  <packager>jubalh</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for EternalTerminal</summary>
  <description>This update for EternalTerminal fixes the following issues:

Update to 6.2.1:

* CVE-2022-24949: Fixed race condition allows local attacker to hijack IPC socket (boo#1202435)
* CVE-2022-24950: Fixed privilege escalation to root (boo#1202434)
* CVE-2022-24951: Fixed DoS triggered remotely by invalid sequence numbers (boo#1202433)
* CVE-2022-24952: Fixed race condition allows authenticated attacker to hijack other users' SSH authorization socket (boo#1202432)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places