suse · CVE-2018-19636

Quick triage

Priority: high Published: 2021-05-30 14:18:58 UTC Updated: 2026-03-05 06:36:25 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-19636 severity important: SUSE including 5 source package names (hostinfo-1.0.1-19.5.1, supportutils, supportutils-1.20-122.9.1, supportutils-3.0-95.21.1, supportutils-3.0.3-95.27.1), 74 product×package rows across 44 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (44 product lines)): Fixed 73, Known Not Affected 1.

Description:

Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges

cvelogic Threat Intelligence