High severity7.0OSV Advisory· Published Apr 11, 2017· Updated Jun 17, 2026
CVE-2016-4446
CVE-2016-4446
Description
The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- Range: setroubleshoot-3.2.21, setroubleshoot-3.2.22, setroubleshoot-3.2.23, …
cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:*range: <=-
- (no CPE)
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
7- github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718nvdPatch
- seclists.org/oss-sec/2016/q2/575nvdExploitMailing ListPatchThird Party Advisory
- www.securityfocus.com/bid/91427nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1036144nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2016:1293nvdThird Party Advisory
- rhn.redhat.com/errata/RHSA-2016-1267.htmlnvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.