CVE-2020-1690

Name of the Vulnerable Software and Affected Versions: openstack-selinux versions prior to 0.8.24

Description: An improper authorization flaw was discovered in openstack-selinux's applied policy, allowing a non-root user in a container to escalate privileges. A non-root attacker in one or more Red Hat OpenStack (RHOSP) containers could send messages to the dbus, potentially starting or stopping services and causing a denial of service.

Recommendations: For versions prior to 0.8.24, update to version 0.8.24 or later to resolve the issue. As a temporary workaround, consider restricting access to the dbus to minimize the risk of exploitation.