Back

openSUSE Leap 15.6 smc-tools Moderate Local DoS Vulnerability Fixed

Severity: Medium (Score: 45.9)

Sources: Linuxsecurity

Summary

A security update for smc-tools in openSUSE Leap 15.6 addresses a local denial of service (DoS) vulnerability caused by a predictable /tmp file. This vulnerability, identified as bsc#1230052, allows an attacker with local access to disrupt service by exploiting the flaw. The update includes enhancements in smc-tools v1.8.7, which prevents DoS on statistics workfiles present in /tmp. Previous versions, including v1.8.5 and v1.8.6, also received updates to improve functionality and documentation. Affected systems include openSUSE Leap 15.6 and SUSE Linux Enterprise Server 15 SP6. Users are advised to apply the patch using SUSE's recommended installation methods. The vulnerability does not appear to have been actively exploited in the wild. The current status is that the patch is available and should be applied promptly. Key Points: • A local DoS vulnerability in smc-tools affects openSUSE Leap 15.6. • The flaw is due to a predictable /tmp file, allowing service disruption. • Users should update to smc-tools v1.8.7 to mitigate the risk.

Key Entities

  • Denial of Service (attack_type)
  • Cwe-362 - Race Condition (cwe)
  • Linux (platform)
  • OpenSUSE Leap (platform)
  • SUSE Linux Enterprise Server (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed