The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer weakness alert CVE-2019-11328

Singularity: privilege escalation

Synthesis of the vulnerability

An attacker can bypass restrictions of Singularity, in order to escalate his privileges.
Severity of this computer vulnerability: 2/4.
Creation date: 24/05/2019.
Références of this announce: CVE-2019-11328, FEDORA-2019-25ecc42592, FEDORA-2019-9f48c6fedc, FEDORA-2019-da2ed3b0b5, openSUSE-SU-2019:2288-1, VIGILANCE-VUL-29398.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions of Singularity, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

This weakness note impacts software or systems such as Fedora, SLES.

Our Vigil@nce team determined that the severity of this threat note is medium.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this computer weakness.

Solutions for this threat

Fedora: new singularity packages.
New packages are available:
  Fedora 30: singularity 3.1.1-1.1.fc30
  Fedora 29: singularity 3.1.1-1.1.fc29
  Fedora 28: singularity 3.1.1-1.1.fc28

SUSE LE 15: new singularity packages.
New packages are available:
  SUSE LE 15 RTM: singularity 3.4.1-bp150.2.10.1
  SUSE LE 15 SP1: singularity 3.4.1-bp151.3.3.1
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a software vulnerabilities note. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.