CVE-2016-4989

Name of the Vulnerable Software and Affected Versions setroubleshoot (affected versions not specified)

Description The issue allows local users to bypass an intended container protection mechanism and execute arbitrary commands. This can be achieved by triggering an SELinux denial with a crafted file name, handled by the set tpath function, or via a crafted local id or analysis id field in a crafted XML document to the run fix function. The vulnerability is related to the subprocess.check output and commands.getstatusoutput functions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.