Security Advisory Overview
A high-priority security update has been issued by SUSE to patch CVE-2024-10041, a vulnerability affecting AppArmor—Linux’s mandatory access control framework. This flaw, rated 5.7 CVSS (v4.0), could allow privilege escalation under specific conditions.
Enterprises relying on SUSE Linux distributions must apply this patch immediately to mitigate risks.
Affected Systems
openSUSE Leap 15.5
SUSE Linux Enterprise Server 15 SP5 (LTSS/ESPOS)
SUSE Linux Enterprise Micro 5.5
SUSE Linux Enterprise High Performance Computing (HPC) 15 SP5
Technical Impact & Patch Details
Vulnerability Breakdown
The flaw stems from incorrect permission handling in unix_chkpwd, a PAM module responsible for password verification. After the CVE-2024-10041 fix, AppArmor now grants the dac_read_search capability, allowing unix_chkpwd to read shadow files even with 000 permissions.
CVSS Scores:
SUSE Rating: 5.7 (AV:L/AC:H/AT:N/PR:L/UI:N/VC:H)
NVD Rating: 4.7 (CVSSv3.1)
Patch Installation Guide
Apply the update via:
YaST Online Update (Recommended)
Zypper Patch Command (Manual):
# openSUSE Leap 15.5 zypper in -t patch SUSE-2025-1512=1Enterprise users: Refer to SUSE’s Security Portal for product-specific commands.
Why This Patch Matters for Enterprises
Prevents privilege escalation in multi-user environments.
Ensures compliance with Linux security best practices.
Mitigates risks for SAP, HPC, and cloud deployments.
For sysadmins: Delaying this update could expose systems to credential theft or unauthorized access.
Additional Resources
FAQ Section
Q: Is this vulnerability exploitable remotely?
A: No—it requires local access (AV:L).
Q: Does this affect non-SUSE Linux distros?
A: Only SUSE-based systems are impacted.
Q: How urgent is this patch?
A: Critical for enterprises; apply within 24 hours.
Nenhum comentário:
Postar um comentário