CVE-2019-18902

Summary

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Linux Enterprise Server 12wicked < 0.6.60-3.5.1affected
SUSESUSE Linux Enterprise Server 15wicked < 0.6.60-3.21.1affected
openSUSELeap 15.1wicked < 0.6.60-lp151.2.6.1affected
openSUSEFactorywicked < 0.6.62affected

Weaknesses

  • CWE-416: CWE-416: Use After Free

ADP Enrichment

CVE Program Container

Additional References

References