VYPR
Vendor: Selinux Project

Products: 2
CVEs: 9
Across products: 10
Status: Private

Recent CVEs (9)

  • CVE-2016-7545 | High | Jan 19, 2017
    risk 0.57 | cvss 8.8 | epss 0.00

    SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

  • CVE-2015-3170 | Medium | Jul 21, 2017
    risk 0.36 | cvss 5.5 | epss 0.00

    selinux-policy, when sysctl fs.protected_hardlinks is set to 0, allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.

  • CVE-2018-1063 | Medium | Mar 2, 2018
    risk 0.29 | cvss 4.4 | epss 0.00

    Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when…

  • CVE-2021-36087 | Jul 1, 2021
    risk 0.00 | cvss | epss 0.00

    The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.

  • CVE-2021-36086 | Jul 1, 2021
    risk 0.00 | cvss | epss 0.01

    The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

  • CVE-2021-36085 | Jul 1, 2021
    risk 0.00 | cvss | epss 0.00

    The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).

  • CVE-2021-36084 | Jul 1, 2021
    risk 0.00 | cvss | epss 0.00

    The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).

  • CVE-2014-3215 | May 8, 2014
    risk 0.00 | cvss | epss 0.00

    seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by…

  • CVE-2004-1069 | Jan 10, 2005
    risk 0.00 | cvss | epss 0.00

    Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.