SUSE Leap 15.1 Improper Privilege Management Vulnerability


Fixed a symlink attack which could allow to overwrite arbitrary data (boo#1157703).


The information has been provided by Vendor

The original article can be found at:


The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt-cacher-ng with root privileges. This can allow local attackers to influence the outcome of these operations. This issue affects: openSUSE Leap 15.1 apt-cacher-ng versions prior to 3.1-lp151.3.3.1.


Vulnerable Systems:

SUSE Leap 15.1


CVE Information:



Disclosure Timeline:
Published Date:1/23/2020

Categories: News