Description
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
Reserved 2024-01-04 | Published 2024-10-16 | Updated 2024-10-16 | Assigner
suseHIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem types
CWE-732: Incorrect Permission Assignment for Critical Resource
Product status
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-150200.57.1
affected
Default status
unaffected
? before 9.0.85-3.1
affected
Credits
Johannes Segitz of SUSE finder
References
bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22029
cve.org (CVE-2024-22029)
nvd.nist.gov (CVE-2024-22029)
Download JSON
Subscribe to our newsletter to learn more about our work.
