Suse Caas Platform vulnerabilities

CVE-2022-27239 [HIGH] CWE-787 CVE-2022-27239: In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-li In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

CVE-2020-8029 [LOW] CWE-732 CVE-2020-8029: A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.

CVE-2020-8030 [LOW] CWE-377 CVE-2020-8030: A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.

CVE-2019-3682 [HIGH] CWE-668 CVE-2019-3682: The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an ins The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.

CVE-2018-6556 [LOW] CWE-417 CVE-2018-6556: lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). A