Debian Policycoreutils vulnerabilities

CVE-2018-1063 [MEDIUM] CVE-2018-1063: policycoreutils - Context relabeling of filesystems is vulnerable to symbolic link attack, allowin... Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue wa

CVE-2016-7545 [HIGH] CVE-2016-7545: policycoreutils - SELinux policycoreutils allows local users to execute arbitrary commands outside... SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. Scope: local bookworm: resolved (fixed in 2.5-3) bullseye: resolved (fixed in 2.5-3) forky: resolved (fixed in 2.5-3) sid: resolved (fixed in 2.5-3) trixie: resolved (fixed in 2.5-3)

CVE-2014-3215 [MEDIUM] CVE-2014-3215: policycoreutils - seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and e... seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges. S