ELSA-2011-0414

Published: 04 Apr 2011
Source: oracle-oval
Platform: Oracle Linux 6

Description

ELSA-2011-0414: policycoreutils security update (IMPORTANT)

policycoreutils:

[2.0.83-19.8]

  • Fix seunshare to work with /tmp content when SELinux context is not provided Resolves: #679689

[2.0.83-19.7]

  • put back correct chcon
  • Latest fixes for seunshare

[2.0.83-19.6]

  • Fix rsync command to work if the directory is old.
  • Fix all tests Resolves: #679689

[2.0.83-19.5]

  • Add requires rsync and fix man page for seunshare

[2.0.83-19.4]

  • fix to sandbox
    • Fix seunshare to use more secure handling of /tmp
      • Rewrite seunshare to make sure /tmp is mounted stickybit owned by root
    • Change to allow sandbox to run on nfs homedirs, add start python script
    • change default location of HOMEDIR in sandbox to /tmp/.sandbox_home_*
    • Move seunshare to sandbox package
    • Fix sandbox to show correct types in usage statement

selinux-policy:

[3.7.19-54.0.1.el6_0.5]

  • Allow ocfs2 to be mounted with file_t type.

[3.7.19-54.el6_0.5]

  • seunshare needs to be able to mounton nfs/cifs/fusefs homedirs Resolves: #684918

[3.7.19-54.el6_0.4]

  • Fix to sandbox
    • selinux-policy fixes for policycoreutils sandbox changes
      • Fix seunshare to use more secure handling of /tmp
      • Change to allow sandbox to run on nfs homedirs, add start python script

Updated packages

Oracle Linux 6

Oracle Linux x86_64

  • policycoreutils 2.0.83-19.8.el6_0
  • policycoreutils-gui 2.0.83-19.8.el6_0
  • policycoreutils-newrole 2.0.83-19.8.el6_0
  • policycoreutils-python 2.0.83-19.8.el6_0
  • policycoreutils-sandbox 2.0.83-19.8.el6_0
  • selinux-policy 3.7.19-54.0.1.el6_0.5
  • selinux-policy-doc 3.7.19-54.0.1.el6_0.5
  • selinux-policy-minimum 3.7.19-54.0.1.el6_0.5
  • selinux-policy-mls 3.7.19-54.0.1.el6_0.5
  • selinux-policy-targeted 3.7.19-54.0.1.el6_0.5

Oracle Linux i686

  • policycoreutils 2.0.83-19.8.el6_0
  • policycoreutils-gui 2.0.83-19.8.el6_0
  • policycoreutils-newrole 2.0.83-19.8.el6_0
  • policycoreutils-python 2.0.83-19.8.el6_0
  • policycoreutils-sandbox 2.0.83-19.8.el6_0
  • selinux-policy 3.7.19-54.0.1.el6_0.5
  • selinux-policy-doc 3.7.19-54.0.1.el6_0.5
  • selinux-policy-minimum 3.7.19-54.0.1.el6_0.5
  • selinux-policy-mls 3.7.19-54.0.1.el6_0.5
  • selinux-policy-targeted 3.7.19-54.0.1.el6_0.5

Related CVEs

Related vulnerabilities

ubuntu
more than 14 years ago

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

redhat
more than 14 years ago

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

nvd
more than 14 years ago

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

github
about 3 years ago

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

fstec
about 14 years ago

A vulnerability in the Red Hat Enterprise Linux operating system that allows an attacker to compromise the confidentiality, integrity and availability of protected information