CVE-2022-31250 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-31250 Interim 1 16 2026-03-05T04:41:47Z current 2022-06-24T23:40:05Z 2026-03-05T04:41:47Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-31250 A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. This issue affects: openSUSE Tumbleweed keylime versions prior to 6.4.2-1.1. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2022-August/011769.html E-Mail link for SUSE-SU-2022:2658-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Server 15 SP4-TERADATA SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP6 SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 openSUSE Leap 15.4 openSUSE Tumbleweed keylime-agent-6.3.2-150400.4.11.1 keylime-agent-6.4.1-2.1 keylime-config-6.3.2-150400.4.11.1 keylime-config-6.4.1-2.1 keylime-config-7.11.0-160000.2.2 keylime-firewalld-6.3.2-150400.4.11.1 keylime-firewalld-6.4.1-2.1 keylime-firewalld-7.11.0-160000.2.2 keylime-logrotate-6.3.2-150400.4.11.1 keylime-logrotate-6.4.1-2.1 keylime-logrotate-7.11.0-160000.2.2 keylime-registrar-6.3.2-150400.4.11.1 keylime-registrar-6.4.1-2.1 keylime-registrar-7.11.0-160000.2.2 keylime-tenant-7.11.0-160000.2.2 keylime-tpm_cert_store-6.3.2-150400.4.11.1 keylime-tpm_cert_store-6.4.1-2.1 keylime-tpm_cert_store-7.11.0-160000.2.2 keylime-verifier-6.3.2-150400.4.11.1 keylime-verifier-6.4.1-2.1 keylime-verifier-7.11.0-160000.2.2 python3-keylime-6.3.2-150400.4.11.1 python310-keylime-6.4.1-2.1 python313-keylime-7.11.0-160000.2.2 python38-keylime-6.4.1-2.1 python39-keylime-6.4.1-2.1 keylime-agent-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-config-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-firewalld-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-logrotate-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-registrar-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-tpm_cert_store-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-verifier-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 python3-keylime-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-agent-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-config-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-firewalld-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-logrotate-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-registrar-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-tpm_cert_store-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-verifier-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 python3-keylime-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-agent-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-config-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-firewalld-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-logrotate-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-registrar-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-tpm_cert_store-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-verifier-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 python3-keylime-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP6 keylime-agent-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-config-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-firewalld-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-logrotate-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-registrar-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-tpm_cert_store-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-verifier-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 python3-keylime-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP7 keylime-agent-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-config-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-firewalld-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-logrotate-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-registrar-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-tpm_cert_store-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-verifier-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA python3-keylime-6.3.2-150400.4.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA keylime-config-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-firewalld-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-logrotate-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-registrar-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-tenant-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-tpm_cert_store-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-verifier-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 python313-keylime-7.11.0-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 keylime-agent-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 keylime-config-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 keylime-firewalld-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 keylime-registrar-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 keylime-tpm_cert_store-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 keylime-verifier-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 python3-keylime-6.3.2-150400.4.11.1 as a component of openSUSE Leap 15.4 keylime-agent-6.4.1-2.1 as a component of openSUSE Tumbleweed keylime-config-6.4.1-2.1 as a component of openSUSE Tumbleweed keylime-firewalld-6.4.1-2.1 as a component of openSUSE Tumbleweed keylime-logrotate-6.4.1-2.1 as a component of openSUSE Tumbleweed keylime-registrar-6.4.1-2.1 as a component of openSUSE Tumbleweed keylime-tpm_cert_store-6.4.1-2.1 as a component of openSUSE Tumbleweed keylime-verifier-6.4.1-2.1 as a component of openSUSE Tumbleweed python310-keylime-6.4.1-2.1 as a component of openSUSE Tumbleweed python38-keylime-6.4.1-2.1 as a component of openSUSE Tumbleweed python39-keylime-6.4.1-2.1 as a component of openSUSE Tumbleweed A UNIX Symbolic Link (Symlink) Following vulnerability in keylime of openSUSE Tumbleweed allows local attackers to escalate from the keylime user to root. This issue affects: openSUSE Tumbleweed keylime versions prior to 6.4.2-1.1. CVE-2022-31250 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-agent-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-config-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-firewalld-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-logrotate-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-registrar-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-tpm_cert_store-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-verifier-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:python3-keylime-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-agent-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-config-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-firewalld-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-logrotate-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-registrar-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-tpm_cert_store-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-verifier-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP5:python3-keylime-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-agent-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-config-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-firewalld-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-logrotate-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-registrar-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-tpm_cert_store-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:keylime-verifier-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-keylime-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-agent-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-config-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-firewalld-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-logrotate-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-registrar-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-tpm_cert_store-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:keylime-verifier-6.3.2-150400.4.11.1 SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-keylime-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-agent-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-config-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-firewalld-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-logrotate-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-registrar-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-tpm_cert_store-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:keylime-verifier-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 15 SP4-TERADATA:python3-keylime-6.3.2-150400.4.11.1 SUSE Linux Enterprise Server 16.0:keylime-config-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:keylime-firewalld-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:keylime-logrotate-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:keylime-registrar-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:keylime-tenant-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:keylime-tpm_cert_store-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:keylime-verifier-7.11.0-160000.2.2 SUSE Linux Enterprise Server 16.0:python313-keylime-7.11.0-160000.2.2 openSUSE Leap 15.4:keylime-agent-6.3.2-150400.4.11.1 openSUSE Leap 15.4:keylime-config-6.3.2-150400.4.11.1 openSUSE Leap 15.4:keylime-firewalld-6.3.2-150400.4.11.1 openSUSE Leap 15.4:keylime-registrar-6.3.2-150400.4.11.1 openSUSE Leap 15.4:keylime-tpm_cert_store-6.3.2-150400.4.11.1 openSUSE Leap 15.4:keylime-verifier-6.3.2-150400.4.11.1 openSUSE Leap 15.4:python3-keylime-6.3.2-150400.4.11.1 openSUSE Tumbleweed:keylime-agent-6.4.1-2.1 openSUSE Tumbleweed:keylime-config-6.4.1-2.1 openSUSE Tumbleweed:keylime-firewalld-6.4.1-2.1 openSUSE Tumbleweed:keylime-logrotate-6.4.1-2.1 openSUSE Tumbleweed:keylime-registrar-6.4.1-2.1 openSUSE Tumbleweed:keylime-tpm_cert_store-6.4.1-2.1 openSUSE Tumbleweed:keylime-verifier-6.4.1-2.1 openSUSE Tumbleweed:python310-keylime-6.4.1-2.1 openSUSE Tumbleweed:python38-keylime-6.4.1-2.1 openSUSE Tumbleweed:python39-keylime-6.4.1-2.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H