216934 items (4264 unread) in 27 feeds
Packet Storm Security Advisories
Posted: March 15th, 2017, 8:21am PDT
Red Hat Security Advisory 2017-0535-01 - The policycoreutils packages contain the core policy utilities required to manage a SELinux environment. Security Fix: It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox.