CVE-2018-1063

low-risk
Published 2018-03-02

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.

Do I need to act?

-
0.12% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.4/10 Medium
LOCAL / LOW complexity

Affected Products (2)

Selinux

Affected Vendors

Redhat Selinux Project

References (4)

https://access.redhat.com/errata/RHSA-2018:0913
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1550122
https://access.redhat.com/errata/RHSA-2018:0913
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1550122
22
/ 100
low-risk
Severity 15/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 7/34 · Low