Description
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62.
References (1)
Core 1
Core References
Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugzilla.suse.com/show_bug.cgi?id=1160904
Scores
CVSS v3
7.5
EPSS
0.0282
EPSS Percentile
86.3%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (3)
opensuse/leap
15.1
suse/linux_enterprise_server
12
suse/linux_enterprise_server
15
Published
Mar 02, 2020
Tracked Since
Feb 18, 2026