31 matches found
MiracleLinux 4 : policycoreutils-2.0.83-30.1.AXS4 (AXSA:2016-915:02)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-915:02 advisory. Security-enhanced Linux is a feature of the Linux kernel and a number of utilities with enhanced security functionality designed to add mandatory access...
EUVD-2020-17329
Malware in sbrugna...
EUVD-2004-1067
Malware in sbrugna...
EUVD-2021-22717
Malware in sbrugna...
EUVD-2021-22718
Malware in sbrugna...
EUVD-2021-22719
Malware in sbrugna...
EUVD-2009-1184
Malware in sbrugna...
EUVD-2018-11716
Malware in sbrugna...
EUVD-2024-53834
Malicious code in bioql PyPI...
CVE-2022-50200 selinux: Add boundary check in put_entry()
In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in putentry Just like nextentry, boundary check is necessary to prevent memory out-of-bound access...
CVE-2022-50200
The CVE-2022-50200 issue affects the Linux kernel and stems from missing boundary checks in the selinux put_entry() path. The vulnerability could allow memory out-of-bounds access (local attack) with high impact to confidentiality or availability as described in the advisory (vector: LOCAL, compl...
CVE-2023-21377
In SELinux Policy, there is a possible restriction bypass due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-57931
CVE-2024-57931 is a Linux kernel issue in the SELinux subsystem: when evaluating extended permissions, the patch changes behavior to ignore unknown permissions instead of triggering a BUG(), allowing future permissions to be added without breaking older kernels. The unit described in connected da...
The vulnerability of the selinux component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the selinux component in the Linux operating system is related to the assignment of the NULL pointer in the function hashtabcomputesize. Exploiting this vulnerability can allow an attacker to cause a service failure...
Denial Of Service (DoS)
libsepol is vulnerable to denial of service. The CIL compiler in SELinux has a heap-based buffer over-read in ebitmapmatchany called indirectly from cilcheckneverallow. This occurs because there is sometimes a lack of checks for invalid statements in an optional block...
SELinux Resource Management Error Vulnerability (CNVD-2021-52406)
SELinux is a Linux subsystem from the National Security Agency that uses a secure architecture that allows administrators to better control who has access to the system. A security vulnerability exists in SELinux version 3.2, which stems from a use-after-free in the SELinux CIL compiler in the...
CVE-2021-36085
The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from verifymappermclassperms and hashtabmap...
CVE-2021-36086
Summary: CVE-2021-36086 concerns the libsepol component used by SELinux, stemming from a use-after-free in the CIL compiler’s class-permission handling. The published records consistently describe the vulnerability as occurring in the CIL code path (cil_reset_classpermission) and related helper c...
OPENSUSE-SU-2021:0170-1 Security update for sudo
This update for sudo fixes the following issues: - A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges bsc1181090,CVE-2021-3156 - It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit...
Linux kernel data forgery problem vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A data forgery issue vulnerability exists in the implementation of hook in the SELinux LSM of the Linux kernel. An attacker can exploit this vulnerability to bypass SELinux...