High severity7.0NVD Advisory· Published Apr 11, 2017· Updated Jun 17, 2026
CVE-2016-4444
CVE-2016-4444
Description
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*range: <=3.2.22
- (no CPE)range: <3.2.23
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- github.com/fedora-selinux/setroubleshoot/commit/5cd60033ea7f5bdf8c19c27b23ea2d773d9b09f5nvdPatch
- seclists.org/oss-sec/2016/q2/575nvdExploitMailing ListPatchThird Party Advisory
- www.securityfocus.com/bid/91476nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1036144nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2016:1293nvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1267.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.