First published: Mon Sep 13 2010(Updated: )
Tavis Ormandy reported that seunshare, part of policycoreutils, was shipped setuid root and failed to enforce proper permissions on an alternate temporary directory mounted as /tmp. This could potentially lead to privilege escalation in certain privileged applications that assume /tmp to be sticky and root-owned. Acknowledgements: Red Hat would like to thank Tavis Ormandy for reporting this issue.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Policycoreutils | <=2.0.83 | |
Redhat Policycoreutils | =1.0 | |
Redhat Policycoreutils | =1.1 | |
Redhat Policycoreutils | =1.2 | |
Redhat Policycoreutils | =1.4 | |
Redhat Policycoreutils | =1.6 | |
Redhat Policycoreutils | =1.8 | |
Redhat Policycoreutils | =1.10 | |
Redhat Policycoreutils | =1.12 | |
Redhat Policycoreutils | =1.14 | |
Redhat Policycoreutils | =1.16 | |
Redhat Policycoreutils | =1.18 | |
Redhat Policycoreutils | =1.20 | |
Redhat Policycoreutils | =1.21.1 | |
Redhat Policycoreutils | =1.21.2 | |
Redhat Policycoreutils | =1.21.3 | |
Redhat Policycoreutils | =1.21.4 | |
Redhat Policycoreutils | =1.21.5 | |
Redhat Policycoreutils | =1.21.6 | |
Redhat Policycoreutils | =1.21.7 | |
Redhat Policycoreutils | =1.21.8 | |
Redhat Policycoreutils | =1.21.9 | |
Redhat Policycoreutils | =1.21.10 | |
Redhat Policycoreutils | =1.21.11 | |
Redhat Policycoreutils | =1.21.12 | |
Redhat Policycoreutils | =1.21.13 | |
Redhat Policycoreutils | =1.21.14 | |
Redhat Policycoreutils | =1.21.15 | |
Redhat Policycoreutils | =1.21.16 | |
Redhat Policycoreutils | =1.21.17 | |
Redhat Policycoreutils | =1.21.18 | |
Redhat Policycoreutils | =1.21.19 | |
Redhat Policycoreutils | =1.21.20 | |
Redhat Policycoreutils | =1.21.21 | |
Redhat Policycoreutils | =1.21.22 | |
Redhat Policycoreutils | =1.22 | |
Redhat Policycoreutils | =1.23.1 | |
Redhat Policycoreutils | =1.23.2 | |
Redhat Policycoreutils | =1.23.3 | |
Redhat Policycoreutils | =1.23.4 | |
Redhat Policycoreutils | =1.23.5 | |
Redhat Policycoreutils | =1.23.6 | |
Redhat Policycoreutils | =1.23.7 | |
Redhat Policycoreutils | =1.23.8 | |
Redhat Policycoreutils | =1.23.9 | |
Redhat Policycoreutils | =1.23.10 | |
Redhat Policycoreutils | =1.23.11 | |
Redhat Policycoreutils | =1.24 | |
Redhat Policycoreutils | =1.25.1 | |
Redhat Policycoreutils | =1.25.2 | |
Redhat Policycoreutils | =1.25.3 | |
Redhat Policycoreutils | =1.25.4 | |
Redhat Policycoreutils | =1.25.5 | |
Redhat Policycoreutils | =1.25.6 | |
Redhat Policycoreutils | =1.25.7 | |
Redhat Policycoreutils | =1.25.8 | |
Redhat Policycoreutils | =1.25.9 | |
Redhat Policycoreutils | =1.26 | |
Redhat Policycoreutils | =1.27.1 | |
Redhat Policycoreutils | =1.27.2 | |
Redhat Policycoreutils | =1.27.3 | |
Redhat Policycoreutils | =1.27.4 | |
Redhat Policycoreutils | =1.27.5 | |
Redhat Policycoreutils | =1.27.6 | |
Redhat Policycoreutils | =1.27.7 | |
Redhat Policycoreutils | =1.27.8 | |
Redhat Policycoreutils | =1.27.9 | |
Redhat Policycoreutils | =1.27.10 | |
Redhat Policycoreutils | =1.27.11 | |
Redhat Policycoreutils | =1.27.12 | |
Redhat Policycoreutils | =1.27.13 | |
Redhat Policycoreutils | =1.27.14 | |
Redhat Policycoreutils | =1.27.15 | |
Redhat Policycoreutils | =1.27.16 | |
Redhat Policycoreutils | =1.27.17 | |
Redhat Policycoreutils | =1.27.18 | |
Redhat Policycoreutils | =1.27.19 | |
Redhat Policycoreutils | =1.27.20 | |
Redhat Policycoreutils | =1.27.21 | |
Redhat Policycoreutils | =1.27.22 | |
Redhat Policycoreutils | =1.27.23 | |
Redhat Policycoreutils | =1.27.24 | |
Redhat Policycoreutils | =1.27.25 | |
Redhat Policycoreutils | =1.27.26 | |
Redhat Policycoreutils | =1.27.27 | |
Redhat Policycoreutils | =1.27.28 | |
Redhat Policycoreutils | =1.27.29 | |
Redhat Policycoreutils | =1.27.30 | |
Redhat Policycoreutils | =1.27.31 | |
Redhat Policycoreutils | =1.27.32 | |
Redhat Policycoreutils | =1.27.33 | |
Redhat Policycoreutils | =1.27.34 | |
Redhat Policycoreutils | =1.27.35 | |
Redhat Policycoreutils | =1.27.36 | |
Redhat Policycoreutils | =1.27.37 | |
Redhat Policycoreutils | =1.28 | |
Redhat Policycoreutils | =1.29.1 | |
Redhat Policycoreutils | =1.29.2 | |
Redhat Policycoreutils | =1.29.3 | |
Redhat Policycoreutils | =1.29.4 | |
Redhat Policycoreutils | =1.29.5 | |
Redhat Policycoreutils | =1.29.6 | |
Redhat Policycoreutils | =1.29.7 | |
Redhat Policycoreutils | =1.29.8 | |
Redhat Policycoreutils | =1.29.9 | |
Redhat Policycoreutils | =1.29.10 | |
Redhat Policycoreutils | =1.29.11 | |
Redhat Policycoreutils | =1.29.12 | |
Redhat Policycoreutils | =1.29.13 | |
Redhat Policycoreutils | =1.29.14 | |
Redhat Policycoreutils | =1.29.15 | |
Redhat Policycoreutils | =1.29.16 | |
Redhat Policycoreutils | =1.29.17 | |
Redhat Policycoreutils | =1.29.18 | |
Redhat Policycoreutils | =1.29.19 | |
Redhat Policycoreutils | =1.29.20 | |
Redhat Policycoreutils | =1.29.21 | |
Redhat Policycoreutils | =1.29.22 | |
Redhat Policycoreutils | =1.29.23 | |
Redhat Policycoreutils | =1.29.24 | |
Redhat Policycoreutils | =1.29.25 | |
Redhat Policycoreutils | =1.29.26 | |
Redhat Policycoreutils | =1.29.27 | |
Redhat Policycoreutils | =1.29.28 | |
Redhat Policycoreutils | =1.30 | |
Redhat Policycoreutils | =1.30.1 | |
Redhat Policycoreutils | =1.30.2 | |
Redhat Policycoreutils | =1.30.3 | |
Redhat Policycoreutils | =1.30.4 | |
Redhat Policycoreutils | =1.30.5 | |
Redhat Policycoreutils | =1.30.6 | |
Redhat Policycoreutils | =1.30.7 | |
Redhat Policycoreutils | =1.30.8 | |
Redhat Policycoreutils | =1.30.9 | |
Redhat Policycoreutils | =1.30.10 | |
Redhat Policycoreutils | =1.30.11 | |
Redhat Policycoreutils | =1.30.12 | |
Redhat Policycoreutils | =1.30.13 | |
Redhat Policycoreutils | =1.30.14 | |
Redhat Policycoreutils | =1.30.15 | |
Redhat Policycoreutils | =1.30.16 | |
Redhat Policycoreutils | =1.30.17 | |
Redhat Policycoreutils | =1.30.18 | |
Redhat Policycoreutils | =1.30.19 | |
Redhat Policycoreutils | =1.30.20 | |
Redhat Policycoreutils | =1.30.21 | |
Redhat Policycoreutils | =1.30.22 | |
Redhat Policycoreutils | =1.30.23 | |
Redhat Policycoreutils | =1.30.24 | |
Redhat Policycoreutils | =1.30.25 | |
Redhat Policycoreutils | =1.30.26 | |
Redhat Policycoreutils | =1.30.27 | |
Redhat Policycoreutils | =1.30.28 | |
Redhat Policycoreutils | =1.30.29 | |
Redhat Policycoreutils | =1.30.30 | |
Redhat Policycoreutils | =1.30.31 | |
Redhat Policycoreutils | =1.32 | |
Redhat Policycoreutils | =1.33.1 | |
Redhat Policycoreutils | =1.33.2 | |
Redhat Policycoreutils | =1.33.3 | |
Redhat Policycoreutils | =1.33.4 | |
Redhat Policycoreutils | =1.33.5 | |
Redhat Policycoreutils | =1.33.6 | |
Redhat Policycoreutils | =1.33.7 | |
Redhat Policycoreutils | =1.33.8 | |
Redhat Policycoreutils | =1.33.9 | |
Redhat Policycoreutils | =1.33.10 | |
Redhat Policycoreutils | =1.33.11 | |
Redhat Policycoreutils | =1.33.12 | |
Redhat Policycoreutils | =1.33.13 | |
Redhat Policycoreutils | =1.33.14 | |
Redhat Policycoreutils | =1.33.15 | |
Redhat Policycoreutils | =1.33.16 | |
Redhat Policycoreutils | =1.34.0 | |
Redhat Policycoreutils | =1.34.1 | |
Redhat Policycoreutils | =2.0.0 | |
Redhat Policycoreutils | =2.0.1 | |
Redhat Policycoreutils | =2.0.2 | |
Redhat Policycoreutils | =2.0.3 | |
Redhat Policycoreutils | =2.0.4 | |
Redhat Policycoreutils | =2.0.5 | |
Redhat Policycoreutils | =2.0.6 | |
Redhat Policycoreutils | =2.0.7 | |
Redhat Policycoreutils | =2.0.8 | |
Redhat Policycoreutils | =2.0.9 | |
Redhat Policycoreutils | =2.0.10 | |
Redhat Policycoreutils | =2.0.11 | |
Redhat Policycoreutils | =2.0.12 | |
Redhat Policycoreutils | =2.0.13 | |
Redhat Policycoreutils | =2.0.14 | |
Redhat Policycoreutils | =2.0.15 | |
Redhat Policycoreutils | =2.0.16 | |
Redhat Policycoreutils | =2.0.17 | |
Redhat Policycoreutils | =2.0.18 | |
Redhat Policycoreutils | =2.0.19 | |
Redhat Policycoreutils | =2.0.20 | |
Redhat Policycoreutils | =2.0.21 | |
Redhat Policycoreutils | =2.0.22 | |
Redhat Policycoreutils | =2.0.23 | |
Redhat Policycoreutils | =2.0.24 | |
Redhat Policycoreutils | =2.0.25 | |
Redhat Policycoreutils | =2.0.26 | |
Redhat Policycoreutils | =2.0.27 | |
Redhat Policycoreutils | =2.0.28 | |
Redhat Policycoreutils | =2.0.29 | |
Redhat Policycoreutils | =2.0.30 | |
Redhat Policycoreutils | =2.0.31 | |
Redhat Policycoreutils | =2.0.32 | |
Redhat Policycoreutils | =2.0.33 | |
Redhat Policycoreutils | =2.0.34 | |
Redhat Policycoreutils | =2.0.35 | |
Redhat Policycoreutils | =2.0.36 | |
Redhat Policycoreutils | =2.0.37 | |
Redhat Policycoreutils | =2.0.38 | |
Redhat Policycoreutils | =2.0.39 | |
Redhat Policycoreutils | =2.0.40 | |
Redhat Policycoreutils | =2.0.41 | |
Redhat Policycoreutils | =2.0.42 | |
Redhat Policycoreutils | =2.0.43 | |
Redhat Policycoreutils | =2.0.44 | |
Redhat Policycoreutils | =2.0.45 | |
Redhat Policycoreutils | =2.0.46 | |
Redhat Policycoreutils | =2.0.47 | |
Redhat Policycoreutils | =2.0.48 | |
Redhat Policycoreutils | =2.0.49 | |
Redhat Policycoreutils | =2.0.50 | |
Redhat Policycoreutils | =2.0.51 | |
Redhat Policycoreutils | =2.0.52 | |
Redhat Policycoreutils | =2.0.53 | |
Redhat Policycoreutils | =2.0.54 | |
Redhat Policycoreutils | =2.0.55 | |
Redhat Policycoreutils | =2.0.56 | |
Redhat Policycoreutils | =2.0.57 | |
Redhat Policycoreutils | =2.0.58 | |
Redhat Policycoreutils | =2.0.59 | |
Redhat Policycoreutils | =2.0.60 | |
Redhat Policycoreutils | =2.0.61 | |
Redhat Policycoreutils | =2.0.62 | |
Redhat Policycoreutils | =2.0.63 | |
Redhat Policycoreutils | =2.0.64 | |
Redhat Policycoreutils | =2.0.65 | |
Redhat Policycoreutils | =2.0.66 | |
Redhat Policycoreutils | =2.0.67 | |
Redhat Policycoreutils | =2.0.68 | |
Redhat Policycoreutils | =2.0.69 | |
Redhat Policycoreutils | =2.0.70 | |
Redhat Policycoreutils | =2.0.71 | |
Redhat Policycoreutils | =2.0.72 | |
Redhat Policycoreutils | =2.0.73 | |
Redhat Policycoreutils | =2.0.74 | |
Redhat Policycoreutils | =2.0.75 | |
Redhat Policycoreutils | =2.0.76 | |
Redhat Policycoreutils | =2.0.77 | |
Redhat Policycoreutils | =2.0.78 | |
Redhat Policycoreutils | =2.0.79 | |
Redhat Policycoreutils | =2.0.80 | |
Redhat Policycoreutils | =2.0.81 | |
Redhat Policycoreutils | =2.0.82 | |
Redhat Enterprise Linux | =3 | |
Redhat Enterprise Linux | =4 | |
Redhat Enterprise Linux | =5 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Fedora | =6 | |
Redhat Fedora | =7 | |
Redhat Fedora | =8 | |
Redhat Fedora | =9 | |
Redhat Fedora | =10 | |
Redhat Fedora | =12 | |
Redhat Fedora | =13 | |
Redhat Fedora | =14 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.