Description
A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root.
This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1.
This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=CVE-2026-59674 |
|
History
Tue, 14 Jul 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Suse
Suse opensuse Tumbleweed |
|
| Vendors & Products |
Suse
Suse opensuse Tumbleweed |
Tue, 14 Jul 2026 07:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed suricata package allows the suricata user to escalate to root. This issue affects openSUSE Tumbleweed: from ? before 8.0.5-2.1; openSUSE Tumbleweed: from ? before 8.0.5-2.1. | |
| Title | LPE from suricata user to root due to chown in %post in suricata packaging | |
| Weaknesses | CWE-61 | |
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: suse
Published:
Updated: 2026-07-14T07:32:35.363Z
Reserved: 2026-07-06T11:59:28.118Z
Link: CVE-2026-59674
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-14T08:30:05Z
Weaknesses
-
CWE-61
UNIX Symbolic Link (Symlink) Following