CVE-2018-6536 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2018-6536 Interim 1 10 2025-11-05T03:34:45Z current 2021-05-30T14:10:43Z 2025-11-05T03:34:45Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2018-6536 An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga2.pid modification before a root script executes a "kill `cat /pathname/icinga2.pid`" command, as demonstrated by icinga2.init.d.cmake. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Enterprise Storage 4 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Linux Enterprise Module for HPC 12 SUSE Manager Client Tools for SLE 12 icinga icinga2 icinga2-bin icinga2-common icinga2-doc icinga2-ido-mysql icinga2-ido-pgsql icinga2-libs vim-icinga2 icinga as a component of SUSE Enterprise Storage 4 icinga2 as a component of SUSE Linux Enterprise Module for HPC 12 icinga2-bin as a component of SUSE Linux Enterprise Module for HPC 12 icinga2-common as a component of SUSE Linux Enterprise Module for HPC 12 icinga2-doc as a component of SUSE Linux Enterprise Module for HPC 12 icinga2-ido-mysql as a component of SUSE Linux Enterprise Module for HPC 12 icinga2-ido-pgsql as a component of SUSE Linux Enterprise Module for HPC 12 icinga2-libs as a component of SUSE Linux Enterprise Module for HPC 12 vim-icinga2 as a component of SUSE Linux Enterprise Module for HPC 12 icinga as a component of SUSE Manager Client Tools for SLE 12 An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for icinga2.pid modification before a root script executes a "kill `cat /pathname/icinga2.pid`" command, as demonstrated by icinga2.init.d.cmake. CVE-2018-6536 SUSE Enterprise Storage 4:icinga SUSE Manager Client Tools for SLE 12:icinga moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L