Search CVE reports
1 – 4 of 4 results
CVE-2021-36087
Low prioritySome fixes available 4 of 6
The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.
1 affected package
libsepol
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsepol | — | Not affected | Fixed | Fixed | Fixed |
CVE-2021-36086
Low prioritySome fixes available 3 of 5
The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).
1 affected package
libsepol
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsepol | — | Not affected | Fixed | Fixed | Not affected |
CVE-2021-36085
Low prioritySome fixes available 4 of 6
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).
1 affected package
libsepol
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsepol | — | Not affected | Fixed | Fixed | Fixed |
CVE-2021-36084
Low prioritySome fixes available 4 of 6
The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).
1 affected package
libsepol
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| libsepol | — | Not affected | Fixed | Fixed | Fixed |