VYPR

Policycoreutils

by Selinux Project

CVEs (3)

  • CVE-2016-7545HigJan 19, 2017
    risk 0.57cvss 8.8epss 0.00

    SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

  • CVE-2018-1063MedMar 2, 2018
    risk 0.29cvss 4.4epss 0.00

    Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when…

  • CVE-2014-3215May 8, 2014
    risk 0.00cvss epss 0.00

    seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by…