CVE-2019-18903

Summary

A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Linux Enterprise Server 12wicked < 0.6.60-2.18.1affected
SUSESUSE Linux Enterprise Server 15wicked < 0.6.60-28.26.1affected
openSUSELeap 15.1wicked < 0.6.60-lp151.2.9.1affected
openSUSEFactorywicked < 0.6.62affected

Weaknesses

  • CWE-416: CWE-416: Use After Free

ADP Enrichment

CVE Program Container

Additional References

References