suse · CVE-2018-19640

Quick triage

Priority: medium Published: 2021-05-30 14:18:59 UTC Updated: 2026-03-05 06:36:20 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-19640 severity moderate: SUSE including 251 source package names (10.1-4.1:supportutils-3.1-5.7.1, amazon/suse-sles-15-sp1-chost-byos-v20210304-hvm-ssd-x86_64, …), 325 product×package rows across 65 product lines (Container suse/sle-micro/5.0/toolbox, Image SLES12-SP5-Azure-BYOS, … (65 product lines)): Fixed 168, Known Affected 157.

Description:

If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. with CVE-2018-19638) he can kill arbitrary processes on the local machine.

cvelogic Threat Intelligence