Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:33225
HistoryDec 10, 2021 - 7:26 a.m.

Denial Of Service (DoS)

2021-12-1007:26:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
libsepol
denial of service
vulnerability
selinux 3.2
cil compiler

EPSS

0.001

Percentile

29.5%

libsepol is vulnerable to denial of service. The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).

Affected configurations

Vulners
Node
-libsepolMatch2.9_1.el8
OR
-libsepolMatch2.8_2.el8
OR
-libsepolMatch2.9_2.el8
OR
-libsepolMatch2.9_1.el8
OR
-libsepolMatch2.8_2.el8
OR
-libsepolMatch2.9_2.el8
VendorProductVersionCPE
-libsepol2.9_1.el8cpe:2.3:a:-:libsepol:2.9_1.el8:*:*:*:*:*:*:*
-libsepol2.8_2.el8cpe:2.3:a:-:libsepol:2.8_2.el8:*:*:*:*:*:*:*
-libsepol2.9_2.el8cpe:2.3:a:-:libsepol:2.9_2.el8:*:*:*:*:*:*:*