Lucene search
Redhat.comRH:CVE-2018-1063HistoryMar 01, 2018 - 3:23 p.m.
CVE-2018-1063
2018-03-0115:23:06
redhat.com
access.redhat.com
7
0.0004 Low
EPSS
Percentile
12.7%
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing).
Mitigation
Remove any symbolic links from /tmp and /var/tmp directories before relabeling the file system.
Related
cve
cve
CVE-2018-1063
2018-03-02 15:29:00
oraclelinux
oraclelinux
policycoreutils security, bug fix, and enhancement update
2018-04-16 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2019-2400)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:0927-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for policycoreutils (EulerOS-SA-2020-1423)
2020-04-16 00:00:00
mageia
mageia
Updated policycoreutils packages fix a security vulnerability
2021-01-17 19:07:01
prion
prion
Code injection
2018-03-02 15:29:00
nessus
nessus
RHEL 6 : policycoreutils (Unpatched Vulnerability)
2024-05-11 00:00:00
EulerOS 2.0 SP3 : policycoreutils (EulerOS-SA-2020-1423)
2020-04-15 00:00:00
amazon
amazon
Low: policycoreutils
2018-09-12 22:22:00
ubuntucve
ubuntucve
CVE-2018-1063
2018-03-02 00:00:00
centos
centos
policycoreutils security update
2018-04-26 17:49:24
redhat
redhat
ibm
ibm
Security Bulletin: A vulnerability in policycoreutils affects PowerKVM
2018-09-26 17:50:01
nvd
nvd
CVE-2018-1063
2018-03-02 15:29:00
cvelist
cvelist
CVE-2018-1063
2018-03-02 15:00:00
debiancve
debiancve
CVE-2018-1063
2018-03-02 15:29:00