4 matches found
RHEL 8 : openstack-selinux (RHSA-2020:4381)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4381 advisory. The openstack-selinux package is a collection of SELinux policies for running OpenStack on Red Hat Enterprise Linux. Security Fixes: policy flaw allo...
CVE-2020-1690
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does not prevent a non-root user in a container from privilege escalation. A non-root attacker in one or more Red Hat OpenStack RHOSP containers could send messages to the dbus. With access to the dbus, t...
CVE-2020-1690
openstack-selinux contains an improper authorization flaw in its applied policy that allows a non-root user in a container to escalate privileges by interacting with dbus, potentially starting/stopping services and causing denial of service. Affected are versions before openstack-selinux 0.8.24. ...
Moderate: Red Hat Security Advisory: openstack-selinux security update
An update for openstack-selinux is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...