Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceSUSE-SU-2022:3898-1

SUSE-SU-2022:3898-1

HIGH7.8

Security update for sendmail

Published Nov 8, 2022

Modified 3 years ago

Fix available

Details

Description of the patch:

This update for sendmail fixes the following issues:

CVE-2022-31256: Fixed mail to root privilege escalation via sm-client.pre script (bsc#1204696, bsc#1202937).

Affected Packages

sendmail

SUSE Linux Enterprise Module for Legacy 12

Fixed in:

8.14.9-4.6.1

References

https://bugzilla.suse.com/1202937

https://bugzilla.suse.com/1204696

https://lists.suse.com/pipermail/sle-security-updates/2022-November/012841.html

https://www.suse.com/security/cve/CVE-2022-31256/

https://www.suse.com/support/security/rating/

https://www.suse.com/support/update/announcement/2022/suse-su-20223898-1/

CVSS Analysis

CVSS v3.1

7.8

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

RequiredUI:R

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

7.8/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Upstream

Ecosystems

SUSE Linux Enterprise Module for Legacy 12

Timeline

PublishedNov 8, 2022

ModifiedNov 8, 2022

SUSE-SU-2022:3898-1 | Mondoo Vulnerability Intelligence