CVE-2022-31254: 
Linux openSUSE vulnerability analysis and mitigation

A Incorrect Default Permissions vulnerability (CVE-2022-31254) was identified in the rmt-server-regsharing service affecting multiple SUSE Linux Enterprise Server for SAP versions and openSUSE Leap distributions. The vulnerability was discovered in versions prior to 2.10 of the rmt-server component (NVD).

The vulnerability stems from incorrect default permissions in the rmt-server-regsharing service. The service executes '/usr/bin/bundle.ruby2.5 exec rake regsharing:sync' using a bundle in /usr/share/rmt/.bundle. Since /usr/share/rmt and its subdirectories are owned by rmt user, it allows for potential exploitation. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (High) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H ([SUSE Bugzilla](https://bugzilla.suse.com/showbug.cgi?id=1204285)).

The vulnerability allows local attackers with access to the rmt user to escalate privileges to root. While the impact is partially limited due to systemd service hardenings mounting many directories as read-only, the vulnerability presents a significant security risk as it enables privilege escalation ([SUSE Bugzilla](https://bugzilla.suse.com/showbug.cgi?id=1204285)).

The vulnerability has been patched in rmt-server version 2.10. Multiple security updates have been released for affected systems including SUSE Linux Enterprise Server for SAP, SUSE Manager Server, and openSUSE Leap distributions. Users are advised to upgrade to the patched version (SUSE Bugzilla).