CVE-2018-1063 -- policycoreutilsID: oval:org.secpod.oval:def:2000610 | Date: (C)2019-04-21 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable . The issue was found in policycoreutils 2.5-11.
Platform: |
Debian 8.x |
Debian 9.x |