High severity8.4OSV Advisory· Published Aug 29, 2022· Updated Jun 17, 2026
CVE-2022-1117
CVE-2022-1117
Description
A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker may fail to detect the pattern and allow execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: fapolicy-0.8.1, fapolicy-0.8.2, fapolicyd-0.8, …
- osv-coords2 versions
< 1.1-6.el8+ 1 more
- (no CPE)range: < 1.1-6.el8
- (no CPE)range: < 1.1-6.el8
Patches
Vulnerability mechanics
References
4- github.com/linux-application-whitelisting/fapolicyd/commit/38a942613f93824c53164730b2b7a2f75b8cd263nvdPatchThird Party Advisory
- access.redhat.com/security/cve/CVE-2022-1117nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdPermissions RequiredThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.