Lucene search
RedhatCVELIST:CVE-2018-1063HistoryMar 02, 2018 - 3:00 p.m.
CVE-2018-1063
2018-03-0215:00:00
CWE-59
redhat
www.cve.org
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.
CNA Affected
[
{
"product": "policycoreutils",
"vendor": "SELinux Project",
"versions": [
{
"status": "affected",
"version": "2.5-11 and newer"
}
]
}
]Related
openvas
openvas
Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2019-2400)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0927-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2020-1423)
2020-04-16 00:00:00
mageia
mageia
Updated policycoreutils packages fix a security vulnerability
2021-01-17 19:07:01
prion
prion
Code injection
2018-03-02 15:29:00
nessus
nessus
RHEL 6 : policycoreutils (Unpatched Vulnerability)
2024-05-11 00:00:00
EulerOS 2.0 SP3 : policycoreutils (EulerOS-SA-2020-1423)
2020-04-15 00:00:00
SUSE SLES12 Security Update : policycoreutils (SUSE-SU-2018:0926-1)
2018-04-12 00:00:00
cve
cve
CVE-2018-1063
2018-03-02 15:29:00
oraclelinux
oraclelinux
policycoreutils security, bug fix, and enhancement update
2018-04-16 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in policycoreutils affects PowerKVM
2018-09-26 17:50:01
centos
centos
policycoreutils security update
2018-04-26 17:49:24
redhat
redhat
nvd
nvd
CVE-2018-1063
2018-03-02 15:29:00
redhatcve
redhatcve
CVE-2018-1063
2018-03-01 15:23:06
debiancve
debiancve
CVE-2018-1063
2018-03-02 15:29:00
amazon
amazon
Low: policycoreutils
2018-09-12 22:22:00
ubuntucve
ubuntucve
CVE-2018-1063
2018-03-02 00:00:00