RSS   Vulnerabilities for 'Selinux'   RSS

2021-07-01
 
CVE-2021-36084

CWE-416
 
 
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).

 
 
CVE-2021-36085

CWE-416
 
 
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).

 
 
CVE-2021-36086

CWE-416
 
 
The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

 
 
CVE-2021-36087

CWE-125
 
 
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). NOTE: bad0a746e9f4cf260dedba5828d9645d50176aac is cited in the OSV "fixed" field but does not have a code change.

 
2018-03-02
 
CVE-2018-1063

CWE-59
 
 
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

 
2017-07-21
 
CVE-2015-3170

 
 
selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

 
2017-01-19
 
CVE-2016-7545

CWE-284
 
 
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

 

Copyright 2024, cxsecurity.com

 

Back to Top