Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-36087
HistoryJul 01, 2021 - 12:00 a.m.

CVE-2021-36087

2021-07-0100:00:00
ubuntu.com
ubuntu.com
24
selinux
cil
heap-based buffer
over-read
cve-2021-36087
invalid statements
optional block
ubuntu
apparmor

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

30.7%

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in
ebitmap_match_any (called indirectly from cil_check_neverallow). This
occurs because there is sometimes a lack of checks for invalid statements
in an optional block.

Bugs

Notes

Author Note
sbeattie AppArmor is the default LSM in Ubuntu, issue only affects compilation of selinux policy trusty version predates the introduction of CIL
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlibsepol< 2.7-1ubuntu0.1UNKNOWN
ubuntu20.04noarchlibsepol< 3.0-1ubuntu0.1UNKNOWN
ubuntu21.10noarchlibsepol< 3.1-1ubuntu2.1UNKNOWN
ubuntu16.04noarchlibsepol< 2.4-2ubuntu0.1~esm1UNKNOWN

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

EPSS

0.001

Percentile

30.7%