← Back

Selinux

selinux

Vendor: Selinux Project • 7 CVEs

CVEs (7)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-36087
2Fedoraproject
Selinux Project
2Fedora
Selinux
Nov 3, 2025
Jul 1, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an o...Show more
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.Show less
CVE-2021-36086
4Debian
FedoraprojectNetapp+1 more
8Active Iq Unified Manager
Bootstrap OsDebian Linux+5 more
Mar 24, 2026
Jul 1, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).
CVE-2021-36085
2Fedoraproject
Selinux Project
2Fedora
Selinux
Nov 3, 2025
Jul 1, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).
CVE-2021-36084
2Fedoraproject
Selinux Project
2Fedora
Selinux
Nov 3, 2025
Jul 1, 2021
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).
CVE-2018-1063
2Redhat
Selinux Project
2Enterprise Linux
Selinux
Nov 21, 2024
Mar 2, 2018
N/A· v4
4.4 MEDIUM· v3
3.3 LOW· v2
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only ha...Show more
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11.Show less
CVE-2015-3170
1Selinux Project
1Selinux
May 13, 2026
Jul 21, 2017
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating sel...Show more
selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .config, and updating selinux-policy.Show less
CVE-2016-7545
3Fedoraproject
RedhatSelinux Project
7Enterprise Linux Desktop
Enterprise Linux Hpc NodeEnterprise Linux Server+4 more
May 13, 2026
Jan 19, 2017
N/A· v4
8.8 HIGH· v3
7.2 HIGH· v2
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.