CVE-2026-44933

Summary

PluginScript attempts to chroot the plugin to the repoManagerRoot, this root is frequently / (the system root) in standard configurations or when using --root. If the chroot target is /, it is a no-op, allowing the traversed path to execute host binaries (like /bin/bash) with root privileges.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Linux Enterprise17.38.8 < 17.38.9affected
SUSEopenSUSE17.38.8 < 17.38.9affected

Weaknesses

  • CWE-35: CWE-35 Path traversal: '…/…//'

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References