CVE-2021-36084
- EPSS 0.02%
- Veröffentlicht 01.07.2021 03:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:07
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).
CVE-2021-36085
- EPSS 0.02%
- Veröffentlicht 01.07.2021 03:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:07
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).
CVE-2021-36086
- EPSS 0.02%
- Veröffentlicht 01.07.2021 03:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:07
The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).
CVE-2021-36087
- EPSS 0.02%
- Veröffentlicht 01.07.2021 03:15:08
- Zuletzt bearbeitet 21.11.2024 06:13:07
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.
CVE-2015-3170
- EPSS 0.04%
- Veröffentlicht 21.07.2017 14:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.