← Back

CVE-2011-1011

nvd nist
Published: Feb 24, 2011Modified: Apr 29, 2026

JSON object

Loading...
6.9
Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 3.4 / Impact: 10.0
Source: NVD

Description

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

Affected (270)

Redhat
3 products
Policycoreutils
Enterprise Linux
Fedora
Configuration A
270 vulnerable
Vulnerable SoftwareAffected Versions
Redhat
Policycoreutils
Up to 2.0.83
Policycoreutils
Version 1.0
Policycoreutils
Version 1.10
Policycoreutils
Version 1.12
Policycoreutils
Version 1.14
Policycoreutils
Version 1.16
Policycoreutils
Version 1.18
Policycoreutils
Version 1.1
Policycoreutils
Version 1.20
Policycoreutils
Version 1.21.10
Policycoreutils
Version 1.21.11
Policycoreutils
Version 1.21.12
Policycoreutils
Version 1.21.13
Policycoreutils
Version 1.21.14
Policycoreutils
Version 1.21.15
Policycoreutils
Version 1.21.16
Policycoreutils
Version 1.21.17
Policycoreutils
Version 1.21.18
Policycoreutils
Version 1.21.19
Policycoreutils
Version 1.21.1
Policycoreutils
Version 1.21.20
Policycoreutils
Version 1.21.21
Policycoreutils
Version 1.21.22
Policycoreutils
Version 1.21.2
Policycoreutils
Version 1.21.3
Policycoreutils
Version 1.21.4
Policycoreutils
Version 1.21.5
Policycoreutils
Version 1.21.6
Policycoreutils
Version 1.21.7
Policycoreutils
Version 1.21.8
Policycoreutils
Version 1.21.9
Policycoreutils
Version 1.22
Policycoreutils
Version 1.23.10
Policycoreutils
Version 1.23.11
Policycoreutils
Version 1.23.1
Policycoreutils
Version 1.23.2
Policycoreutils
Version 1.23.3
Policycoreutils
Version 1.23.4
Policycoreutils
Version 1.23.5
Policycoreutils
Version 1.23.6
Policycoreutils
Version 1.23.7
Policycoreutils
Version 1.23.8
Policycoreutils
Version 1.23.9
Policycoreutils
Version 1.24
Policycoreutils
Version 1.25.1
Policycoreutils
Version 1.25.2
Policycoreutils
Version 1.25.3
Policycoreutils
Version 1.25.4
Policycoreutils
Version 1.25.5
Policycoreutils
Version 1.25.6
Policycoreutils
Version 1.25.7
Policycoreutils
Version 1.25.8
Policycoreutils
Version 1.25.9
Policycoreutils
Version 1.26
Policycoreutils
Version 1.27.10
Policycoreutils
Version 1.27.11
Policycoreutils
Version 1.27.12
Policycoreutils
Version 1.27.13
Policycoreutils
Version 1.27.14
Policycoreutils
Version 1.27.15
Policycoreutils
Version 1.27.16
Policycoreutils
Version 1.27.17
Policycoreutils
Version 1.27.18
Policycoreutils
Version 1.27.19
Policycoreutils
Version 1.27.1
Policycoreutils
Version 1.27.20
Policycoreutils
Version 1.27.21
Policycoreutils
Version 1.27.22
Policycoreutils
Version 1.27.23
Policycoreutils
Version 1.27.24
Policycoreutils
Version 1.27.25
Policycoreutils
Version 1.27.26
Policycoreutils
Version 1.27.27
Policycoreutils
Version 1.27.28
Policycoreutils
Version 1.27.29
Policycoreutils
Version 1.27.2
Policycoreutils
Version 1.27.30
Policycoreutils
Version 1.27.31
Policycoreutils
Version 1.27.32
Policycoreutils
Version 1.27.33
Policycoreutils
Version 1.27.34
Policycoreutils
Version 1.27.35
Policycoreutils
Version 1.27.36
Policycoreutils
Version 1.27.37
Policycoreutils
Version 1.27.3
Policycoreutils
Version 1.27.4
Policycoreutils
Version 1.27.5
Policycoreutils
Version 1.27.6
Policycoreutils
Version 1.27.7
Policycoreutils
Version 1.27.8
Policycoreutils
Version 1.27.9
Policycoreutils
Version 1.28
Policycoreutils
Version 1.29.10
Policycoreutils
Version 1.29.11
Policycoreutils
Version 1.29.12
Policycoreutils
Version 1.29.13
Policycoreutils
Version 1.29.14
Policycoreutils
Version 1.29.15
Policycoreutils
Version 1.29.16
Policycoreutils
Version 1.29.17
Policycoreutils
Version 1.29.18
Policycoreutils
Version 1.29.19
Policycoreutils
Version 1.29.1
Policycoreutils
Version 1.29.20
Policycoreutils
Version 1.29.21
Policycoreutils
Version 1.29.22
Policycoreutils
Version 1.29.23
Policycoreutils
Version 1.29.24
Policycoreutils
Version 1.29.25
Policycoreutils
Version 1.29.26
Policycoreutils
Version 1.29.27
Policycoreutils
Version 1.29.28
Policycoreutils
Version 1.29.2
Policycoreutils
Version 1.29.3
Policycoreutils
Version 1.29.4
Policycoreutils
Version 1.29.5
Policycoreutils
Version 1.29.6
Policycoreutils
Version 1.29.7
Policycoreutils
Version 1.29.8
Policycoreutils
Version 1.29.9
Policycoreutils
Version 1.2
Policycoreutils
Version 1.30.10
Policycoreutils
Version 1.30.11
Policycoreutils
Version 1.30.12
Policycoreutils
Version 1.30.13
Policycoreutils
Version 1.30.14
Policycoreutils
Version 1.30.15
Policycoreutils
Version 1.30.16
Policycoreutils
Version 1.30.17
Policycoreutils
Version 1.30.18
Policycoreutils
Version 1.30.19
Policycoreutils
Version 1.30.1
Policycoreutils
Version 1.30.20
Policycoreutils
Version 1.30.21
Policycoreutils
Version 1.30.22
Policycoreutils
Version 1.30.23
Policycoreutils
Version 1.30.24
Policycoreutils
Version 1.30.25
Policycoreutils
Version 1.30.26
Policycoreutils
Version 1.30.27
Policycoreutils
Version 1.30.28
Policycoreutils
Version 1.30.29
Policycoreutils
Version 1.30.2
Policycoreutils
Version 1.30.30
Policycoreutils
Version 1.30.31
Policycoreutils
Version 1.30.3
Policycoreutils
Version 1.30.4
Policycoreutils
Version 1.30.5
Policycoreutils
Version 1.30.6
Policycoreutils
Version 1.30.7
Policycoreutils
Version 1.30.8
Policycoreutils
Version 1.30.9
Policycoreutils
Version 1.30
Policycoreutils
Version 1.32
Policycoreutils
Version 1.33.10
Policycoreutils
Version 1.33.11
Policycoreutils
Version 1.33.12
Policycoreutils
Version 1.33.13
Policycoreutils
Version 1.33.14
Policycoreutils
Version 1.33.15
Policycoreutils
Version 1.33.16
Policycoreutils
Version 1.33.1
Policycoreutils
Version 1.33.2
Policycoreutils
Version 1.33.3
Policycoreutils
Version 1.33.4
Policycoreutils
Version 1.33.5
Policycoreutils
Version 1.33.6
Policycoreutils
Version 1.33.7
Policycoreutils
Version 1.33.8
Policycoreutils
Version 1.33.9
Policycoreutils
Version 1.34.0
Policycoreutils
Version 1.34.1
Policycoreutils
Version 1.4
Policycoreutils
Version 1.6
Policycoreutils
Version 1.8
Policycoreutils
Version 2.0.0
Policycoreutils
Version 2.0.10
Policycoreutils
Version 2.0.11
Policycoreutils
Version 2.0.12
Policycoreutils
Version 2.0.13
Policycoreutils
Version 2.0.14
Policycoreutils
Version 2.0.15
Policycoreutils
Version 2.0.16
Policycoreutils
Version 2.0.17
Policycoreutils
Version 2.0.18
Policycoreutils
Version 2.0.19
Policycoreutils
Version 2.0.1
Policycoreutils
Version 2.0.20
Policycoreutils
Version 2.0.21
Policycoreutils
Version 2.0.22
Policycoreutils
Version 2.0.23
Policycoreutils
Version 2.0.24
Policycoreutils
Version 2.0.25
Policycoreutils
Version 2.0.26
Policycoreutils
Version 2.0.27
Policycoreutils
Version 2.0.28
Policycoreutils
Version 2.0.29
Policycoreutils
Version 2.0.2
Policycoreutils
Version 2.0.30
Policycoreutils
Version 2.0.31
Policycoreutils
Version 2.0.32
Policycoreutils
Version 2.0.33
Policycoreutils
Version 2.0.34
Policycoreutils
Version 2.0.35
Policycoreutils
Version 2.0.36
Policycoreutils
Version 2.0.37
Policycoreutils
Version 2.0.38
Policycoreutils
Version 2.0.39
Policycoreutils
Version 2.0.3
Policycoreutils
Version 2.0.40
Policycoreutils
Version 2.0.41
Policycoreutils
Version 2.0.42
Policycoreutils
Version 2.0.43
Policycoreutils
Version 2.0.44
Policycoreutils
Version 2.0.45
Policycoreutils
Version 2.0.46
Policycoreutils
Version 2.0.47
Policycoreutils
Version 2.0.48
Policycoreutils
Version 2.0.49
Policycoreutils
Version 2.0.4
Policycoreutils
Version 2.0.50
Policycoreutils
Version 2.0.51
Policycoreutils
Version 2.0.52
Policycoreutils
Version 2.0.53
Policycoreutils
Version 2.0.54
Policycoreutils
Version 2.0.55
Policycoreutils
Version 2.0.56
Policycoreutils
Version 2.0.57
Policycoreutils
Version 2.0.58
Policycoreutils
Version 2.0.59
Policycoreutils
Version 2.0.5
Policycoreutils
Version 2.0.60
Policycoreutils
Version 2.0.61
Policycoreutils
Version 2.0.62
Policycoreutils
Version 2.0.63
Policycoreutils
Version 2.0.64
Policycoreutils
Version 2.0.65
Policycoreutils
Version 2.0.66
Policycoreutils
Version 2.0.67
Policycoreutils
Version 2.0.68
Policycoreutils
Version 2.0.69
Policycoreutils
Version 2.0.6
Policycoreutils
Version 2.0.70
Policycoreutils
Version 2.0.71
Policycoreutils
Version 2.0.72
Policycoreutils
Version 2.0.73
Policycoreutils
Version 2.0.74
Policycoreutils
Version 2.0.75
Policycoreutils
Version 2.0.76
Policycoreutils
Version 2.0.77
Policycoreutils
Version 2.0.78
Policycoreutils
Version 2.0.79
Policycoreutils
Version 2.0.7
Policycoreutils
Version 2.0.80
Policycoreutils
Version 2.0.81
Policycoreutils
Version 2.0.82
Policycoreutils
Version 2.0.8
Policycoreutils
Version 2.0.9
Redhat
Enterprise Linux
Version 3
Enterprise Linux
Version 4
Enterprise Linux
Version 5
Enterprise Linux
Version 6.0
Redhat
Fedora
Version 10
Fedora
Version 12
Fedora
Version 13
Fedora
Version 14
Fedora
Version 6
Fedora
Version 7
Fedora
Version 8
Fedora
Version 9

Related CWEs

CWE-264
CWE-264

References (30)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.