Описание
Security update for amazon-ssm-agent
This update for amazon-ssm-agent fixes the following issues:
- CVE-2022-29527: Fixed unsafe file creation mode of ssm-agent-users sudoer file (bsc#1196556).
Update to version 3.1.1260.0
Список пакетов
Image SLES15-SP1-SAPCAL-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-HPC-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-SAP-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-SAP-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP3-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP3-HPC-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP3-SAP-BYOS-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP3-SAPCAL-EC2-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-EC2-ECS-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-HPC-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-HPC-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Hardened-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Manager-Server-4-3-BYOS
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Manager-Server-4-3-EC2-llc
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-Manager-Server-4-3-EC2-ltd
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SAP-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SAP-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SAP-Hardened-BYOS
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SAP-Hardened-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SAPCAL-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-EC2-ECS-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-HPC-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-HPC-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-Hardened-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-Manager-Proxy-5-0-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-Manager-Server-5-0-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-Manager-Server-5-0-EC2-llc
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-Manager-Server-5-0-EC2-ltd
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-SAP-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-SAP-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-SAP-Hardened-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP5-SAPCAL-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-EC2-ECS-HVM
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-HPC-BYOS
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-HPC-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-HPC-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-Hardened-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAP
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAP-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAP-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAP-Hardened-BYOS
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAP-Hardened-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAPCAL
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP6-SAPCAL-EC2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
SUSE Linux Enterprise Module for Public Cloud 15
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
SUSE Linux Enterprise Module for Public Cloud 15 SP1
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
SUSE Linux Enterprise Module for Public Cloud 15 SP2
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
SUSE Linux Enterprise Module for Public Cloud 15 SP3
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
openSUSE Leap 15.3
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
openSUSE Leap 15.4
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Ссылки
- Link for SUSE-SU-2022:1510-1
- E-Mail link for SUSE-SU-2022:1510-1
- SUSE Security Ratings
- SUSE Bug 1196556
- SUSE CVE CVE-2022-29527 page
Описание
Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.
Затронутые продукты
Image SLES15-SP1-SAPCAL-EC2-HVM:amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-BYOS-EC2-HVM:amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-HPC-BYOS-EC2-HVM:amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Image SLES15-SP2-SAP-BYOS-EC2-HVM:amazon-ssm-agent-3.1.1260.0-150000.5.9.2
Ссылки
- CVE-2022-29527
- SUSE Bug 1196556