VYPR

selinux-policy

by Red Hat

CVEs (2)

  • CVE-2015-3170MedJul 21, 2017
    risk 0.36cvss 5.5epss 0.00

    selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

  • CVE-2020-24612Aug 24, 2020
    risk 0.00cvss epss 0.00

    An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If…