Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-1063

Опубликовано: 02 мар. 2018
Источник: debian

Описание

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
policycoreutilsfixed2.7-1package
policycoreutilsno-dsastretchpackage
policycoreutilsno-dsajessiepackage
policycoreutilsno-dsawheezypackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=1550122

  • Mitigation by removing any symbolic link in /tmp and /var/tmp directories

  • before relabeling the file system. Futhtermore only triggerable at

  • relabeling time.

  • https://github.com/SELinuxProject/selinux/commit/2608b4d6660af0fb8ad93f2cc144bdaab3c2afa8

Связанные уязвимости

ubuntu логотип

CVE-2018-1063

CVSS3: 4.4
ubuntu
больше 7 лет назад

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

redhat логотип

CVE-2018-1063

CVSS3: 3.9
redhat
больше 7 лет назад

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

nvd логотип

CVE-2018-1063

CVSS3: 4.4
nvd
больше 7 лет назад

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

suse-cvrf логотип

openSUSE-SU-2018:0937-1

suse-cvrf
больше 7 лет назад

Security update for policycoreutils

suse-cvrf логотип

SUSE-SU-2018:0927-1

suse-cvrf
больше 7 лет назад

Security update for policycoreutils