CVE-2020-8019

Public Exploit
syslog-ng: Local privilege escalation from new to root in %post

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server 11-SP4-LTSS syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server for SAP 12-SP1 syslog-ng versions prior to 3.6.4-12.8.1. openSUSE Backports SLE-15-SP1 syslog-ng versions prior to 3.19.1-bp151.4.6.1. openSUSE Leap 15.1 syslog-ng versions prior to 3.19.1-lp151.3.6.1.

Category

7.7
CVSS
Severity: High
CVSS 3.1 •
CVSS 2.0 •
EPSS 0.04%
Vendor Advisory suse.com
Affected: SUSE SUSE Linux Enterprise Debuginfo 11-SP3
Affected: SUSE SUSE Linux Enterprise Debuginfo 11-SP4
Affected: SUSE SUSE Linux Enterprise Module for Legacy Software 12
Affected: SUSE SUSE Linux Enterprise Point of Sale 11-SP3
Affected: SUSE SUSE Linux Enterprise Server 11-SP4-LTSS
Affected: SUSE SUSE Linux Enterprise Server for SAP 12-SP1
Affected: openSUSE openSUSE Backports SLE-15-SP1
Affected: openSUSE openSUSE Leap 15.1
Published at:
Updated at:

References

Link Tags
https://bugzilla.suse.com/show_bug.cgi?id=1169385 vendor advisory issue tracking exploit

Frequently Asked Questions

What is the severity of CVE-2020-8019?
CVE-2020-8019 has been scored as a high severity vulnerability.
How to fix CVE-2020-8019?
To fix CVE-2020-8019, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2020-8019 being actively exploited in the wild?
It is possible that CVE-2020-8019 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2020-8019?
CVE-2020-8019 affects SUSE SUSE Linux Enterprise Debuginfo 11-SP3, SUSE SUSE Linux Enterprise Debuginfo 11-SP4, SUSE SUSE Linux Enterprise Module for Legacy Software 12, SUSE SUSE Linux Enterprise Point of Sale 11-SP3, SUSE SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE SUSE Linux Enterprise Server for SAP 12-SP1, openSUSE openSUSE Backports SLE-15-SP1, openSUSE openSUSE Leap 15.1.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.