Medium severity4.4NVD Advisory· Published Mar 2, 2018· Updated Jun 17, 2026
CVE-2018-1063
CVE-2018-1063
Description
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- Range: =2.5-11
- osv-coords8 versionspkg:rpm/opensuse/coreutils&distro=openSUSE%20Tumbleweedpkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/policycoreutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 3.2-1.4+ 7 more
- (no CPE)range: < 3.2-1.4
- (no CPE)range: < 2.0.79-4.9.3.3
- (no CPE)range: < 2.5-10.3.1
- (no CPE)range: < 2.5-10.3.1
- (no CPE)range: < 2.5-10.3.1
- (no CPE)range: < 2.0.79-4.9.3.3
- (no CPE)range: < 2.5-10.3.1
- (no CPE)range: < 2.5-10.3.1
- Range: 2.5-11 and newer
Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/show_bug.cginvdIssue TrackingMitigationVendor Advisory
- access.redhat.com/errata/RHSA-2018:0913nvd
News mentions
0No linked articles in our index yet.