CVE-2022-21944
published 2022-01-26CVE-2022-21944: A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opensuse | factory | >= watchman < 4.9.0-9.1 | 4.9.0-9.1 |
| opensuse | factory_watchman | <= 4.9.1 | — |
| opensuse | opensuse_backports_sle-15-sp3 | >= watchman < 4.9.0 | 4.9.0 |