Vulnerability Details CVE-2011-1011
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.2%
CVSS Severity
CVSS v2 Score 6.9
References
- http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html
- http://openwall.com/lists/oss-security/2011/02/23/1
- http://openwall.com/lists/oss-security/2011/02/23/2
- http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197
- http://secunia.com/advisories/43415
- http://secunia.com/advisories/43844
- http://secunia.com/advisories/44034
- http://www.redhat.com/support/errata/RHSA-2011-0414.html
- http://www.securityfocus.com/bid/46510
- http://www.securitytracker.com/id?1025291
- http://www.vupen.com/english/advisories/2011/0701
- http://www.vupen.com/english/advisories/2011/0864
- https://bugzilla.redhat.com/show_bug.cgi?id=633544
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65641
- http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html
- http://openwall.com/lists/oss-security/2011/02/23/1
- http://openwall.com/lists/oss-security/2011/02/23/2
- http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197
- http://secunia.com/advisories/43415
- http://secunia.com/advisories/43844
- http://secunia.com/advisories/44034
- http://www.redhat.com/support/errata/RHSA-2011-0414.html
- http://www.securityfocus.com/bid/46510
- http://www.securitytracker.com/id?1025291
- http://www.vupen.com/english/advisories/2011/0701
- http://www.vupen.com/english/advisories/2011/0864
- https://bugzilla.redhat.com/show_bug.cgi?id=633544
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65641
Products affected by CVE-2011-1011
-
cpe:2.3:a:redhat:policycoreutils:*
-
cpe:2.3:a:redhat:policycoreutils:1.0
-
cpe:2.3:a:redhat:policycoreutils:1.1
-
cpe:2.3:a:redhat:policycoreutils:1.10
-
cpe:2.3:a:redhat:policycoreutils:1.12
-
cpe:2.3:a:redhat:policycoreutils:1.14
-
cpe:2.3:a:redhat:policycoreutils:1.16
-
cpe:2.3:a:redhat:policycoreutils:1.18
-
cpe:2.3:a:redhat:policycoreutils:1.2
-
cpe:2.3:a:redhat:policycoreutils:1.20
-
cpe:2.3:a:redhat:policycoreutils:1.21.1
-
cpe:2.3:a:redhat:policycoreutils:1.21.10
-
cpe:2.3:a:redhat:policycoreutils:1.21.11
-
cpe:2.3:a:redhat:policycoreutils:1.21.12
-
cpe:2.3:a:redhat:policycoreutils:1.21.13
-
cpe:2.3:a:redhat:policycoreutils:1.21.14
-
cpe:2.3:a:redhat:policycoreutils:1.21.15
-
cpe:2.3:a:redhat:policycoreutils:1.21.16
-
cpe:2.3:a:redhat:policycoreutils:1.21.17
-
cpe:2.3:a:redhat:policycoreutils:1.21.18
-
cpe:2.3:a:redhat:policycoreutils:1.21.19
-
cpe:2.3:a:redhat:policycoreutils:1.21.2
-
cpe:2.3:a:redhat:policycoreutils:1.21.20
-
cpe:2.3:a:redhat:policycoreutils:1.21.21
-
cpe:2.3:a:redhat:policycoreutils:1.21.22
-
cpe:2.3:a:redhat:policycoreutils:1.21.3
-
cpe:2.3:a:redhat:policycoreutils:1.21.4
-
cpe:2.3:a:redhat:policycoreutils:1.21.5
-
cpe:2.3:a:redhat:policycoreutils:1.21.6
-
cpe:2.3:a:redhat:policycoreutils:1.21.7
-
cpe:2.3:a:redhat:policycoreutils:1.21.8
-
cpe:2.3:a:redhat:policycoreutils:1.21.9
-
cpe:2.3:a:redhat:policycoreutils:1.22
-
cpe:2.3:a:redhat:policycoreutils:1.23.1
-
cpe:2.3:a:redhat:policycoreutils:1.23.10
-
cpe:2.3:a:redhat:policycoreutils:1.23.11
-
cpe:2.3:a:redhat:policycoreutils:1.23.2
-
cpe:2.3:a:redhat:policycoreutils:1.23.3
-
cpe:2.3:a:redhat:policycoreutils:1.23.4
-
cpe:2.3:a:redhat:policycoreutils:1.23.5
-
cpe:2.3:a:redhat:policycoreutils:1.23.6
-
cpe:2.3:a:redhat:policycoreutils:1.23.7
-
cpe:2.3:a:redhat:policycoreutils:1.23.8
-
cpe:2.3:a:redhat:policycoreutils:1.23.9
-
cpe:2.3:a:redhat:policycoreutils:1.24
-
cpe:2.3:a:redhat:policycoreutils:1.25.1
-
cpe:2.3:a:redhat:policycoreutils:1.25.2
-
cpe:2.3:a:redhat:policycoreutils:1.25.3
-
cpe:2.3:a:redhat:policycoreutils:1.25.4
-
cpe:2.3:a:redhat:policycoreutils:1.25.5
-
cpe:2.3:a:redhat:policycoreutils:1.25.6
-
cpe:2.3:a:redhat:policycoreutils:1.25.7
-
cpe:2.3:a:redhat:policycoreutils:1.25.8
-
cpe:2.3:a:redhat:policycoreutils:1.25.9
-
cpe:2.3:a:redhat:policycoreutils:1.26
-
cpe:2.3:a:redhat:policycoreutils:1.27.1
-
cpe:2.3:a:redhat:policycoreutils:1.27.10
-
cpe:2.3:a:redhat:policycoreutils:1.27.11
-
cpe:2.3:a:redhat:policycoreutils:1.27.12
-
cpe:2.3:a:redhat:policycoreutils:1.27.13
-
cpe:2.3:a:redhat:policycoreutils:1.27.14
-
cpe:2.3:a:redhat:policycoreutils:1.27.15
-
cpe:2.3:a:redhat:policycoreutils:1.27.16
-
cpe:2.3:a:redhat:policycoreutils:1.27.17
-
cpe:2.3:a:redhat:policycoreutils:1.27.18
-
cpe:2.3:a:redhat:policycoreutils:1.27.19
-
cpe:2.3:a:redhat:policycoreutils:1.27.2
-
cpe:2.3:a:redhat:policycoreutils:1.27.20
-
cpe:2.3:a:redhat:policycoreutils:1.27.21
-
cpe:2.3:a:redhat:policycoreutils:1.27.22
-
cpe:2.3:a:redhat:policycoreutils:1.27.23
-
cpe:2.3:a:redhat:policycoreutils:1.27.24
-
cpe:2.3:a:redhat:policycoreutils:1.27.25
-
cpe:2.3:a:redhat:policycoreutils:1.27.26
-
cpe:2.3:a:redhat:policycoreutils:1.27.27
-
cpe:2.3:a:redhat:policycoreutils:1.27.28
-
cpe:2.3:a:redhat:policycoreutils:1.27.29
-
cpe:2.3:a:redhat:policycoreutils:1.27.3
-
cpe:2.3:a:redhat:policycoreutils:1.27.30
-
cpe:2.3:a:redhat:policycoreutils:1.27.31
-
cpe:2.3:a:redhat:policycoreutils:1.27.32
-
cpe:2.3:a:redhat:policycoreutils:1.27.33
-
cpe:2.3:a:redhat:policycoreutils:1.27.34
-
cpe:2.3:a:redhat:policycoreutils:1.27.35
-
cpe:2.3:a:redhat:policycoreutils:1.27.36
-
cpe:2.3:a:redhat:policycoreutils:1.27.37
-
cpe:2.3:a:redhat:policycoreutils:1.27.4
-
cpe:2.3:a:redhat:policycoreutils:1.27.5
-
cpe:2.3:a:redhat:policycoreutils:1.27.6
-
cpe:2.3:a:redhat:policycoreutils:1.27.7
-
cpe:2.3:a:redhat:policycoreutils:1.27.8
-
cpe:2.3:a:redhat:policycoreutils:1.27.9
-
cpe:2.3:a:redhat:policycoreutils:1.28
-
cpe:2.3:a:redhat:policycoreutils:1.29.1
-
cpe:2.3:a:redhat:policycoreutils:1.29.10
-
cpe:2.3:a:redhat:policycoreutils:1.29.11
-
cpe:2.3:a:redhat:policycoreutils:1.29.12
-
cpe:2.3:a:redhat:policycoreutils:1.29.13
-
cpe:2.3:a:redhat:policycoreutils:1.29.14
-
cpe:2.3:a:redhat:policycoreutils:1.29.15
-
cpe:2.3:a:redhat:policycoreutils:1.29.16
-
cpe:2.3:a:redhat:policycoreutils:1.29.17
-
cpe:2.3:a:redhat:policycoreutils:1.29.18
-
cpe:2.3:a:redhat:policycoreutils:1.29.19
-
cpe:2.3:a:redhat:policycoreutils:1.29.2
-
cpe:2.3:a:redhat:policycoreutils:1.29.20
-
cpe:2.3:a:redhat:policycoreutils:1.29.21
-
cpe:2.3:a:redhat:policycoreutils:1.29.22
-
cpe:2.3:a:redhat:policycoreutils:1.29.23
-
cpe:2.3:a:redhat:policycoreutils:1.29.24
-
cpe:2.3:a:redhat:policycoreutils:1.29.25
-
cpe:2.3:a:redhat:policycoreutils:1.29.26
-
cpe:2.3:a:redhat:policycoreutils:1.29.27
-
cpe:2.3:a:redhat:policycoreutils:1.29.28
-
cpe:2.3:a:redhat:policycoreutils:1.29.3
-
cpe:2.3:a:redhat:policycoreutils:1.29.4
-
cpe:2.3:a:redhat:policycoreutils:1.29.5
-
cpe:2.3:a:redhat:policycoreutils:1.29.6
-
cpe:2.3:a:redhat:policycoreutils:1.29.7
-
cpe:2.3:a:redhat:policycoreutils:1.29.8
-
cpe:2.3:a:redhat:policycoreutils:1.29.9
-
cpe:2.3:a:redhat:policycoreutils:1.30
-
cpe:2.3:a:redhat:policycoreutils:1.30.1
-
cpe:2.3:a:redhat:policycoreutils:1.30.10
-
cpe:2.3:a:redhat:policycoreutils:1.30.11
-
cpe:2.3:a:redhat:policycoreutils:1.30.12
-
cpe:2.3:a:redhat:policycoreutils:1.30.13
-
cpe:2.3:a:redhat:policycoreutils:1.30.14
-
cpe:2.3:a:redhat:policycoreutils:1.30.15
-
cpe:2.3:a:redhat:policycoreutils:1.30.16
-
cpe:2.3:a:redhat:policycoreutils:1.30.17
-
cpe:2.3:a:redhat:policycoreutils:1.30.18
-
cpe:2.3:a:redhat:policycoreutils:1.30.19
-
cpe:2.3:a:redhat:policycoreutils:1.30.2
-
cpe:2.3:a:redhat:policycoreutils:1.30.20
-
cpe:2.3:a:redhat:policycoreutils:1.30.21
-
cpe:2.3:a:redhat:policycoreutils:1.30.22
-
cpe:2.3:a:redhat:policycoreutils:1.30.23
-
cpe:2.3:a:redhat:policycoreutils:1.30.24
-
cpe:2.3:a:redhat:policycoreutils:1.30.25
-
cpe:2.3:a:redhat:policycoreutils:1.30.26
-
cpe:2.3:a:redhat:policycoreutils:1.30.27
-
cpe:2.3:a:redhat:policycoreutils:1.30.28
-
cpe:2.3:a:redhat:policycoreutils:1.30.29
-
cpe:2.3:a:redhat:policycoreutils:1.30.3
-
cpe:2.3:a:redhat:policycoreutils:1.30.30
-
cpe:2.3:a:redhat:policycoreutils:1.30.31
-
cpe:2.3:a:redhat:policycoreutils:1.30.4
-
cpe:2.3:a:redhat:policycoreutils:1.30.5
-
cpe:2.3:a:redhat:policycoreutils:1.30.6
-
cpe:2.3:a:redhat:policycoreutils:1.30.7
-
cpe:2.3:a:redhat:policycoreutils:1.30.8
-
cpe:2.3:a:redhat:policycoreutils:1.30.9
-
cpe:2.3:a:redhat:policycoreutils:1.32
-
cpe:2.3:a:redhat:policycoreutils:1.33.1
-
cpe:2.3:a:redhat:policycoreutils:1.33.10
-
cpe:2.3:a:redhat:policycoreutils:1.33.11
-
cpe:2.3:a:redhat:policycoreutils:1.33.12
-
cpe:2.3:a:redhat:policycoreutils:1.33.13
-
cpe:2.3:a:redhat:policycoreutils:1.33.14
-
cpe:2.3:a:redhat:policycoreutils:1.33.15
-
cpe:2.3:a:redhat:policycoreutils:1.33.16
-
cpe:2.3:a:redhat:policycoreutils:1.33.2
-
cpe:2.3:a:redhat:policycoreutils:1.33.3
-
cpe:2.3:a:redhat:policycoreutils:1.33.4
-
cpe:2.3:a:redhat:policycoreutils:1.33.5
-
cpe:2.3:a:redhat:policycoreutils:1.33.6
-
cpe:2.3:a:redhat:policycoreutils:1.33.7
-
cpe:2.3:a:redhat:policycoreutils:1.33.8
-
cpe:2.3:a:redhat:policycoreutils:1.33.9
-
cpe:2.3:a:redhat:policycoreutils:1.34.0
-
cpe:2.3:a:redhat:policycoreutils:1.34.1
-
cpe:2.3:a:redhat:policycoreutils:1.4
-
cpe:2.3:a:redhat:policycoreutils:1.6
-
cpe:2.3:a:redhat:policycoreutils:1.8
-
cpe:2.3:a:redhat:policycoreutils:2.0.0
-
cpe:2.3:a:redhat:policycoreutils:2.0.1
-
cpe:2.3:a:redhat:policycoreutils:2.0.10
-
cpe:2.3:a:redhat:policycoreutils:2.0.11
-
cpe:2.3:a:redhat:policycoreutils:2.0.12
-
cpe:2.3:a:redhat:policycoreutils:2.0.13
-
cpe:2.3:a:redhat:policycoreutils:2.0.14
-
cpe:2.3:a:redhat:policycoreutils:2.0.15
-
cpe:2.3:a:redhat:policycoreutils:2.0.16
-
cpe:2.3:a:redhat:policycoreutils:2.0.17
-
cpe:2.3:a:redhat:policycoreutils:2.0.18
-
cpe:2.3:a:redhat:policycoreutils:2.0.19
-
cpe:2.3:a:redhat:policycoreutils:2.0.2
-
cpe:2.3:a:redhat:policycoreutils:2.0.20
-
cpe:2.3:a:redhat:policycoreutils:2.0.21
-
cpe:2.3:a:redhat:policycoreutils:2.0.22
-
cpe:2.3:a:redhat:policycoreutils:2.0.23
-
cpe:2.3:a:redhat:policycoreutils:2.0.24
-
cpe:2.3:a:redhat:policycoreutils:2.0.25
-
cpe:2.3:a:redhat:policycoreutils:2.0.26
-
cpe:2.3:a:redhat:policycoreutils:2.0.27
-
cpe:2.3:a:redhat:policycoreutils:2.0.28
-
cpe:2.3:a:redhat:policycoreutils:2.0.29
-
cpe:2.3:a:redhat:policycoreutils:2.0.3
-
cpe:2.3:a:redhat:policycoreutils:2.0.30
-
cpe:2.3:a:redhat:policycoreutils:2.0.31
-
cpe:2.3:a:redhat:policycoreutils:2.0.32
-
cpe:2.3:a:redhat:policycoreutils:2.0.33
-
cpe:2.3:a:redhat:policycoreutils:2.0.34
-
cpe:2.3:a:redhat:policycoreutils:2.0.35
-
cpe:2.3:a:redhat:policycoreutils:2.0.36
-
cpe:2.3:a:redhat:policycoreutils:2.0.37
-
cpe:2.3:a:redhat:policycoreutils:2.0.38
-
cpe:2.3:a:redhat:policycoreutils:2.0.39
-
cpe:2.3:a:redhat:policycoreutils:2.0.4
-
cpe:2.3:a:redhat:policycoreutils:2.0.40
-
cpe:2.3:a:redhat:policycoreutils:2.0.41
-
cpe:2.3:a:redhat:policycoreutils:2.0.42
-
cpe:2.3:a:redhat:policycoreutils:2.0.43
-
cpe:2.3:a:redhat:policycoreutils:2.0.44
-
cpe:2.3:a:redhat:policycoreutils:2.0.45
-
cpe:2.3:a:redhat:policycoreutils:2.0.46
-
cpe:2.3:a:redhat:policycoreutils:2.0.47
-
cpe:2.3:a:redhat:policycoreutils:2.0.48
-
cpe:2.3:a:redhat:policycoreutils:2.0.49
-
cpe:2.3:a:redhat:policycoreutils:2.0.5
-
cpe:2.3:a:redhat:policycoreutils:2.0.50
-
cpe:2.3:a:redhat:policycoreutils:2.0.51
-
cpe:2.3:a:redhat:policycoreutils:2.0.52
-
cpe:2.3:a:redhat:policycoreutils:2.0.53
-
cpe:2.3:a:redhat:policycoreutils:2.0.54
-
cpe:2.3:a:redhat:policycoreutils:2.0.55
-
cpe:2.3:a:redhat:policycoreutils:2.0.56
-
cpe:2.3:a:redhat:policycoreutils:2.0.57
-
cpe:2.3:a:redhat:policycoreutils:2.0.58
-
cpe:2.3:a:redhat:policycoreutils:2.0.59
-
cpe:2.3:a:redhat:policycoreutils:2.0.6
-
cpe:2.3:a:redhat:policycoreutils:2.0.60
-
cpe:2.3:a:redhat:policycoreutils:2.0.61
-
cpe:2.3:a:redhat:policycoreutils:2.0.62
-
cpe:2.3:a:redhat:policycoreutils:2.0.63
-
cpe:2.3:a:redhat:policycoreutils:2.0.64
-
cpe:2.3:a:redhat:policycoreutils:2.0.65
-
cpe:2.3:a:redhat:policycoreutils:2.0.66
-
cpe:2.3:a:redhat:policycoreutils:2.0.67
-
cpe:2.3:a:redhat:policycoreutils:2.0.68
-
cpe:2.3:a:redhat:policycoreutils:2.0.69
-
cpe:2.3:a:redhat:policycoreutils:2.0.7
-
cpe:2.3:a:redhat:policycoreutils:2.0.70
-
cpe:2.3:a:redhat:policycoreutils:2.0.71
-
cpe:2.3:a:redhat:policycoreutils:2.0.72
-
cpe:2.3:a:redhat:policycoreutils:2.0.73
-
cpe:2.3:a:redhat:policycoreutils:2.0.74
-
cpe:2.3:a:redhat:policycoreutils:2.0.75
-
cpe:2.3:a:redhat:policycoreutils:2.0.76
-
cpe:2.3:a:redhat:policycoreutils:2.0.77
-
cpe:2.3:a:redhat:policycoreutils:2.0.78
-
cpe:2.3:a:redhat:policycoreutils:2.0.79
-
cpe:2.3:a:redhat:policycoreutils:2.0.8
-
cpe:2.3:a:redhat:policycoreutils:2.0.80
-
cpe:2.3:a:redhat:policycoreutils:2.0.81
-
cpe:2.3:a:redhat:policycoreutils:2.0.82
-
cpe:2.3:a:redhat:policycoreutils:2.0.9
-
cpe:2.3:o:redhat:enterprise_linux:3
-
cpe:2.3:o:redhat:enterprise_linux:4
-
cpe:2.3:o:redhat:enterprise_linux:5
-
cpe:2.3:o:redhat:enterprise_linux:6.0
-
cpe:2.3:o:redhat:fedora:10
-
cpe:2.3:o:redhat:fedora:12
-
cpe:2.3:o:redhat:fedora:13
-
cpe:2.3:o:redhat:fedora:14
-
cpe:2.3:o:redhat:fedora:6
-
cpe:2.3:o:redhat:fedora:7
-
cpe:2.3:o:redhat:fedora:8
-
cpe:2.3:o:redhat:fedora:9