CVE 6.9 MEDIUM

SUSE-specific logrotate configuration allows escalation from mail user/group to root_CVE-2025-53881

October 2, 2025 invoker category_cve
6.9 / 10
MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.

Basic Information

ID CVE-2025-53881
Source suse
Published Oct 2, 2025 at 13:51

Affected Product

Vendor openSUSE
Product Tumbleweed
Version ?
Affected Versions openSUSE Tumbleweed ?

CWE Classification

CWE-61

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.