selinux_project CVE 脆弱性と CVE 一覧(7)

製品(CPE): — CVE 件数: 7

selinux_project 脆弱性概要

selinux_project 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主に パス処理の欠陥 and バッファオーバーフロー などに関し、一部は vendor impact memory corruption を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 17 / 7 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2021-36087 The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. [email protected] 3.3 0.45% 2021-06-30 2026-06-16
CVE-2021-36086 The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). [email protected] 3.3 0.59% 2021-06-30 2026-06-16
CVE-2021-36085 The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map). [email protected] 3.3 0.45% 2021-06-30 2026-06-16
CVE-2021-36084 The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper). [email protected] 3.3 0.48% 2021-06-30 2026-06-16
CVE-2018-1063 Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11. [email protected] 4.4 0.39% 2018-03-02 2026-06-16
CVE-2015-3170 selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy. [email protected] 5.5 0.27% 2017-07-21 2026-06-16
CVE-2016-7545 SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. [email protected] 8.8 0.39% 2017-01-19 2026-06-16
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence