Skip to main content

Selinux

8 CVEs product

Monthly

CVE-2021-36087 LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Selinux Fedora
NVD GitHub
CVSS 3.1
3.3
EPSS
0.5%
CVE-2021-36086 LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Use After Free Information Disclosure Debian Linux Active Iq Unified Manager +7
NVD GitHub
CVSS 3.1
3.3
EPSS
0.0%
CVE-2021-36085 LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure Selinux Fedora
NVD GitHub
CVSS 3.1
3.3
EPSS
0.5%
CVE-2021-36084 LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure Selinux Fedora
NVD GitHub
CVSS 3.1
3.3
EPSS
0.5%
CVE-2020-10751 MEDIUM PATCH This Month

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Information Disclosure Selinux Enterprise Linux Server
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2018-1063 MEDIUM This Month

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Enterprise Linux Selinux
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2015-3170 MEDIUM This Month

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Selinux
NVD
CVSS 3.0
5.5
EPSS
0.0%
CVE-2016-7545 HIGH PATCH This Week

SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Authentication Bypass Selinux Fedora Enterprise Linux Desktop Enterprise Linux Hpc Node +3
NVD GitHub VulDB
CVSS 3.0
8.8
EPSS
0.1%
EPSS 0% CVSS 3.3
LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Selinux +1
NVD GitHub
EPSS 0% CVSS 3.3
LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Use After Free Information Disclosure +9
NVD GitHub
EPSS 0% CVSS 3.3
LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure +2
NVD GitHub
EPSS 0% CVSS 3.3
LOW POC PATCH Monitor

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free Memory Corruption Information Disclosure +2
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Information Disclosure Selinux Enterprise Linux Server
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Enterprise Linux Selinux
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Selinux
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity.

Authentication Bypass Selinux Fedora +5
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy