2 matches found
Code injection
selinux-policy when sysctl fs.protectedhardlinks are set to 0 allows local users to cause a denial of service SSH login prevention by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy...
CVE-2015-3170
CVE-2015-3170 describes a local denial-of-service in SELinux policy handling. The issue lies in the policy when sysctl fs.protected_hardlinks is set to 0, allowing a local user to create a hardlink to /etc/passwd from a directory named .config and then update selinux-policy, which prevents SSH lo...