CVE-2018-19640 is a vulnerability in OpenSuse Supportutils
Published on March 5, 2019
Code execution if run with command line switch -v
If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. with CVE-2018-19638) he can kill arbitrary processes on the local machine.
Weakness Type
Insecure Temporary File
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
Products Associated with CVE-2018-19640
Want to know whenever a new CVE is published for OpenSuse Supportutils? stack.watch will email you.
Affected Versions
SUSE supportutils:- Version unspecified and below 3.1-5.7.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.