CVE-2016-4445
Severity CVSS v4.0: Pending analysis
Type: CWE-77 Command Injection
Publication date: 11/04/2017
Last modified: 20/04/2025
Description
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function.
Impact
Metric | Base Score | Severity
---|---|---
CVSS 3.x | 7.00 | HIGH
CVSS 2.0 | 6.90 | MEDIUM
Vulnerable products and versions
CPE | From | Up to
---|---|---
cpe:2.3:a:setroubleshoot_project:setroubleshoot:*:*:*:*:*:*:*:* | | 3.2.22 (including)
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* | |
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:* | |
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* | |
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* | |
References to Advisories, Solutions, and Tools
- http://seclists.org/oss-sec/2016/q2/575
- http://www.securityfocus.com/bid/91430
- http://www.securitytracker.com/id/1036144
- https://bugzilla.redhat.com/show_bug.cgi?id=1339183
- https://github.com/fedora-selinux/setroubleshoot/commit/2d12677629ca319310f6263688bb1b7f676c01b7
- https://rhn.redhat.com/errata/RHSA-2016-1267.html