Privilege Escalation Vulnerability in apt-cacher-ng on openSUSE Leap 15.1

Privilege Escalation Vulnerability in apt-cacher-ng on openSUSE Leap 15.1

CVE-2019-18899 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.