Back to bug 1378577
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-09-23 09:02:26 UTC | Keywords | Security | |
| CC | amaris | |||
| Paul Moore | 2016-09-23 13:22:57 UTC | CC | pmoore | |
| Adam Mariš | 2016-09-23 14:18:33 UTC | Summary | policycoreutils SELinux sandbox escape via TIOCSTI ioctl | policycoreutils: SELinux sandbox escape via TIOCSTI ioctl |
| Adam Mariš | 2016-09-23 14:18:38 UTC | Whiteboard | impact=important,public=20160922,reported=20160922,source=researcher,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | |
| Adam Mariš | 2016-09-23 14:18:46 UTC | Priority | unspecified | high |
| Adam Mariš | 2016-09-23 14:22:28 UTC | Whiteboard | impact=important,public=20160922,reported=20160922,source=researcher,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H | impact=important,public=20160922,reported=20160922,source=researcher,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,rhel-5/policycoreutils=new,rhel-6/policycoreutils=new,rhel-7/policycoreutils=new,fedora-all/policycoreutils=affected |
| Adam Mariš | 2016-09-23 14:22:43 UTC | CC | dwalsh, lvrabec, mgrepl, mmalik, plautrba, ssekidde, vmojzis | |
| Adam Mariš | 2016-09-23 14:23:32 UTC | Blocks | 1378931 | |
| Adam Mariš | 2016-09-23 14:27:02 UTC | Depends On | 1378932 | |
| Robert Scheck | 2016-09-25 12:42:58 UTC | CC | redhat-bugzilla | |
| Kamil Dudka | 2016-09-26 06:47:03 UTC | CC | kdudka | |
| Andrej Nemec | 2016-09-26 08:08:28 UTC | Alias | CVE-2016-7545 | |
| Andrej Nemec | 2016-09-26 08:08:37 UTC | Summary | policycoreutils: SELinux sandbox escape via TIOCSTI ioctl | CVE-2016-7545 policycoreutils: SELinux sandbox escape via TIOCSTI ioctl |
| Paul Moore | 2016-09-28 18:46:00 UTC | CC | security-response-team | |
| Flags | needinfo?(security-response-team) | |||
| Doran Moppert | 2016-09-28 23:54:47 UTC | Whiteboard | impact=important,public=20160922,reported=20160922,source=researcher,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,rhel-5/policycoreutils=new,rhel-6/policycoreutils=new,rhel-7/policycoreutils=new,fedora-all/policycoreutils=affected | impact=important,public=20160922,reported=20160922,source=researcher,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,rhel-5/policycoreutils=notaffected,rhel-6/policycoreutils=affected,rhel-7/policycoreutils=affected,fedora-all/policycoreutils=affected |
| Wade Mealing | 2016-09-29 00:16:59 UTC | CC | wmealing | |
| Lukas Vrabec | 2016-09-29 09:21:36 UTC | Flags | needinfo?(security-response-team) | |
| Cedric Buissart | 2016-09-29 13:40:29 UTC | Doc Text | It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent bash, escaping the sandbox. | |
| Cedric Buissart | 2016-09-29 15:03:01 UTC | CC | cbuissar | |
| Cedric Buissart | 2016-09-30 12:41:01 UTC | Depends On | 1380733 | |
| Cedric Buissart | 2016-09-30 12:41:09 UTC | Depends On | 1380734 | |
| Cedric Buissart | 2016-09-30 12:41:17 UTC | Depends On | 1380735 | |
| Cedric Buissart | 2016-09-30 12:41:23 UTC | Depends On | 1380736 | |
| Adam Mariš | 2016-11-08 16:06:46 UTC | CC | amaris | |
| Tomas Hoger | 2016-11-11 20:07:12 UTC | Doc Text | It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent bash, escaping the sandbox. | It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. |
| Yasuhiro Ozone | 2016-11-14 03:31:29 UTC | CC | yozone | |
| Cedric Buissart | 2016-11-14 13:15:12 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-14 08:15:12 UTC | |||
| Adam Mariš | 2017-03-07 15:04:43 UTC | Depends On | 1429954, 1429955 | |
| Cedric Buissart | 2017-03-07 16:19:49 UTC | Status | CLOSED | NEW |
| Resolution | ERRATA | --- | ||
| Keywords | Reopened | |||
| Clifford Perry | 2017-03-08 11:05:50 UTC | CC | cperry | |
| Cedric Buissart | 2017-03-08 17:21:03 UTC | Hardware | Unspecified | All |
| OS | Unspecified | Linux | ||
| Cedric Buissart | 2017-03-15 14:17:34 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-11-14 08:15:12 UTC | 2017-03-15 10:17:34 UTC | ||
| Product Security DevOps Team | 2019-09-29 13:57:05 UTC | Whiteboard | impact=important,public=20160922,reported=20160922,source=researcher,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=8.6/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H,rhel-5/policycoreutils=notaffected,rhel-6/policycoreutils=affected,rhel-7/policycoreutils=affected,fedora-all/policycoreutils=affected |
Back to bug 1378577