SUSE PluginScript Chroot Bypass Vulnerability Allowing Execution of Host Binaries with Root Privileges

Vulnerability

A vulnerability exists in SUSE's PluginScript due to improper handling of the chroot function. The script attempts to chroot plugins to the repoManagerRoot, which often defaults to the system root. When the target is the system root, the chroot provides no confinement, so traversed paths can execute host binaries, such as /bin/bash, with root privileges.
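The check a caller can make before relying on chroot for confinement, as an added example that is not SUSE's code: it treats a root that resolves to "/" as no confinement and rejects plugin paths that resolve outside the root. The function names and the sample paths are assumptions made for illustration.

```c
#define _XOPEN_SOURCE 700   /* for realpath() under strict C modes */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: returns 1 if chroot(root) would actually confine,
 * 0 if root resolves to "/" (chroot changes nothing), -1 if unresolvable. */
int root_confines(const char *root)
{
    char resolved[PATH_MAX];

    if (realpath(root, resolved) == NULL)
        return -1;
    return strcmp(resolved, "/") != 0;
}

/* Hypothetical helper: returns 1 only if root confines AND path, once
 * symlinks and ".." are resolved, is root itself or lies below it.
 * Every other case, including resolution errors, fails closed with 0. */
int plugin_path_allowed(const char *root, const char *path)
{
    char r[PATH_MAX], p[PATH_MAX];
    size_t n;

    if (root_confines(root) != 1)
        return 0;
    if (realpath(root, r) == NULL || realpath(path, p) == NULL)
        return 0;
    n = strlen(r);
    if (strncmp(p, r, n) != 0)
        return 0;
    /* Require a component boundary so "/srv/rootX" never matches "/srv/root". */
    return p[n] == '\0' || p[n] == '/';
}

int main(void)
{
    /* Constructed sample inputs, not taken from the advisory. */
    printf("root \"/\" confines: %d\n", root_confines("/"));
    printf("\"/tmp/..\" allowed under \"/tmp\": %d\n",
           plugin_path_allowed("/tmp", "/tmp/.."));
    return 0;
}
```

This is a pre-flight check on the configured paths; it does not replace dropping privileges before a plugin is executed.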

Impact

Exploitation of this vulnerability could lead to unauthorized execution of host binaries with root privileges, potentially allowing for further escalation of privileges or execution of malicious payloads as the root user.

Added: May 20, 2026, 10:19 AM
Updated: May 20, 2026, 10:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 4.7
remediation: 0.0
relevance: 8.9
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.