PT-2017-8640 · Red Hat+1 · Setroubleshoot+2

Sebastian Krahmer

Published

2016-06-21

Updated

2017-04-17

CVE-2016-4989

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions setroubleshoot (affected versions not specified)

Description The issue allows local users to bypass an intended container protection mechanism and execute arbitrary commands. This can be achieved by triggering an SELinux denial with a crafted file name, handled by the set tpath function, or via a crafted local id or analysis id field in a crafted XML document to the run fix function. The vulnerability is related to the subprocess.check output and commands.getstatusoutput functions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CESA-2016_1267

CESA-2016_1293

CVE-2016-4989

RHSA-2016:1267

RHSA-2016:1293

RHSA-2016_1267

RHSA-2016_1293

Affected Products

Centos

Red Hat

Setroubleshoot

PT-2017-8640 · Red Hat+1 · Setroubleshoot+2

CVE-2016-4989

Weakness Enumeration

Related Identifiers

Affected Products

References · 11