firejail

This repository is an open-source Linux sandboxing platform called Firejail. It is a Linux namespaces and seccomp-bpf sandbox that allows users to run applications in a secure environment, isolating them from the rest of the system. The repository contains a variety of tools and scripts for...

Security Bulletin: A vulnerability in policycoreutils affects PowerKVM

Summary PowerKVM is affected by a vulnerability in policycoreutils. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-7545 DESCRIPTION: Policycoreutils could allow a remote attacker to execute arbitrary commands on the system, caused by a TIOCSTI ioctl attack in the...

RHEL 7 : policycoreutils (RHSA-2017:0536)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:0536 advisory. The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fixes: It was found that the sandbo...

Important: policycoreutils

Issue Overview: It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent bash, escaping the sandbox. Affected...