policycoreutils was found to be vulnerable to a symlink attack that allows an local user to change the SELinux context of arbitrary files. This issue only occurs at relabeling time, through symlinks present in the /tmp and /var/tmp directories.
Remove any symbolic links from /tmp and /var/tmp directories before relabeling the file system.
Name: Renaud Métrich (Red Hat)
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:0913 https://access.redhat.com/errata/RHSA-2018:0913