22 matches found
MiracleLinux 8 : libsepol-2.9-3.el8 (AXSA:2021-2596:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2596:02 advisory. libsepol: use-after-free in cilverifyclassperms CVE-2021-36084 libsepol: use-after-free in cilverifyclassperms CVE-2021-36085 libsepol: use-after-fr...
Siemens SIMATIC S7-1500 and Ruggedcom ROX Devices Out-of-bounds Read (CVE-2021-36087)
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmapmatchany called indirectly from cilcheckneverallow. This occurs because there is sometimes a lack of checks for invalid statements in an optional block. This plugin only works with Tenable.ot. Please visit...
NewStart CGSL MAIN 6.02 : libsepol Multiple Vulnerabilities (NS-SA-2024-0054)
The remote NewStart CGSL host, running version MAIN 6.02, has libsepol packages installed that are affected by multiple vulnerabilities: - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 - The...
Rocky Linux 8 : libsepol (RLSA-2021:4513)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4513 advisory. - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-3608...
Amazon Linux 2022 : libsepol, libsepol-devel, libsepol-static (ALAS2022-2022-208)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-208 advisory. The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 The CIL compiler in SELinux 3.2 has a...
EulerOS Virtualization 2.10.0 : libsepol (EulerOS-SA-2022-1405)
According to the versions of the libsepol package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and...
USN-5391-1: libsepol vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, ...
USN-5391-1: libsepol vulnerabilities
Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-36084 It was discovered that libsepol incorrectly handled memory whe...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : libsepol vulnerabilities (USN-5391-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5391-1 advisory. Nicolas Iooss discovered that libsepol incorrectly handled memory when handling policies. An attacker could possibly use this iss...
EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1309)
According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...
EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1293)
According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...
Huawei EulerOS: Security Advisory for libsepol (EulerOS-SA-2022-1309)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1257)
According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...
EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1245)
According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...
AlmaLinux 8 : libsepol (ALSA-2021:4513)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4513 advisory. - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper. CVE-2021-36084 ...
Oracle Linux 8 : libsepol (ELSA-2021-4513)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4513 advisory. 2.9-3 - cil: Fix out-of-bound read of file context pattern ending with '' - cil: Destroy classperms list when resetting classpermission 1983517 - cil:...
Moderate: Red Hat Security Advisory: libsepol security update
An update for libsepol is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
RLSA-2021:4513 Moderate: libsepol security update
The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy the policy compiler and similar tools, as well as by programs like loadpolicy that need to perform specific transformations on binary policies for example, customizing policy boolean...
ALSA-2021:4513 Moderate: libsepol security update
The libsepol library provides an API for the manipulation of SELinux binary policies. It is used by checkpolicy the policy compiler and similar tools, as well as by programs like loadpolicy that need to perform specific transformations on binary policies for example, customizing policy boolean...
CVE-2021-36087
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmapmatchany called indirectly from cilcheckneverallow. This occurs because there is sometimes a lack of checks for invalid statements in an optional block...