Description
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
| AND |
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 6 | |||
| policycoreutils-0:2.0.83-19.8.el6_0 | cpe:/o:redhat:enterprise_linux:6 | RHSA-2011:0414 | 2011-04-04T00:00:00Z |
| selinux-policy-0:3.7.19-54.el6_0.5 | cpe:/o:redhat:enterprise_linux:6 | RHSA-2011:0414 | 2011-04-04T00:00:00Z |
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2011-1028 | The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T22:14:26.827Z
Reserved: 2011-02-14T00:00:00.000Z
Link: CVE-2011-1011
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-02-24T21:00:18.253
Modified: 2026-04-29T01:13:23.040
Link: CVE-2011-1011
Redhat
OpenCVE Enrichment
No data.
Weaknesses