It was discovered that sealert executed external fix commands using commands.getstatusoutput() without properly sanitizing untrusted inputs used as command arguments. These inputs originated from SELinux AVC messages. A local user could use this flaw to execute arbitrary code as root if they could trigger an SELinux denial using a file with a specially crafted name.
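The bug class described above, as an added illustration that is not setroubleshoot's own code: the shell-string construction that commands.getstatusoutput() implies, beside a quoted variant and the argv-list form that removes the shell entirely. The restorecon fix template and the sample AVC path are assumptions.

```python
import shlex
import subprocess
from typing import List

# Constructed sample: the path field of an AVC denial.  The local user who
# triggered the denial chose the file name, so anything /bin/sh treats
# specially (here a space and a ';') can appear in it.
UNTRUSTED_PATH = "/tmp/evil name;extra"

# Hypothetical fix template; setroubleshoot's real templates are not shown here.
FIX_TEMPLATE = "/sbin/restorecon -v "

def fix_command_vulnerable(path: str) -> str:
    """String concatenation, the pattern commands.getstatusoutput() invites.
    getstatusoutput() hands the string to /bin/sh, which re-parses it: the
    path is split into words and ';' terminates the intended command."""
    return FIX_TEMPLATE + path

def fix_command_quoted(path: str) -> str:
    """Mitigation when a shell is unavoidable: shlex.quote() turns the
    path back into a single shell word."""
    return FIX_TEMPLATE + shlex.quote(path)

def fix_command_hardened(path: str) -> List[str]:
    """The upstream direction: an argv list.  The path is one element no
    matter what it contains, and no shell is involved."""
    return ["/sbin/restorecon", "-v", path]

def shell_words(cmd: str) -> List[str]:
    """Approximate how /bin/sh tokenizes cmd: POSIX quoting rules, with
    operators such as ';' emitted as their own tokens."""
    lex = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lex.whitespace_split = True
    return list(lex)

def run_fix(path: str) -> subprocess.CompletedProcess:
    """Execute the hardened form; with a list argument shell=False is the default."""
    return subprocess.run(fix_command_hardened(path),
                          capture_output=True, text=True, check=False)

if __name__ == "__main__":
    print("shell sees:", shell_words(fix_command_vulnerable(UNTRUSTED_PATH)))
    print("quoted:    ", shell_words(fix_command_quoted(UNTRUSTED_PATH)))
    print("argv:      ", fix_command_hardened(UNTRUSTED_PATH))
```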
The use of commands.getstatusoutput() was already removed upstream via the following commit:
Name: Red Hat Product Security
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2016:1267 https://access.redhat.com/errata/RHSA-2016:1267
This issue was fixed upstream in version 3.2.23. The setroubleshoot packages in Red Hat Enterprise Linux 7 were updated from version 3.2.17 to version 3.2.24 via RHBA-2015:2287, released as part of Red Hat Enterprise Linux 7.2.
Therefore, this issue was corrected in that update.