CVE-2025-53881

SUSE-specific logrotate configuration allows escalation from mail user/group to root

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.

INFO

Published Date :

2025-10-02T13:51:56.848Z

Last Modified :

2025-10-02T13:51:56.848Z

Source :

suse

AFFECTED PRODUCTS

The following products are affected by CVE-2025-53881 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-53881.

URL	Resource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability