CVE-2018-1063 -- policycoreutilsID: oval:org.secpod.oval:def:1901929 | Date: (C)2019-05-07 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable . The issue was found in policycoreutils 2.5-11.
Platform: |
Ubuntu 16.04 |
Ubuntu 14.04 |