The vulnerability of the tool for adjusting mandate attributes of Astra Linux objects allows a hacker to circumvent the specified security policy restrictions.

The vulnerability of the “correction of mandate attributes” utility in the astrase-fix-maildir object of the Astra Linux operating system is related to an error in assigning the ehole tag to the dovecot-uidlist file, which stores the “UID filename” pair. Exploiting this vulnerability can allow a...