-
Notifications
You must be signed in to change notification settings - Fork 39
/
OSV-2021-421.yaml
58 lines (57 loc) · 1.36 KB
/
OSV-2021-421.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
id: OSV-2021-421
summary: Heap-use-after-free in __cil_verify_classperms
details: |
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
```
Crash type: Heap-use-after-free READ 8
Crash state:
__cil_verify_classperms
__verify_map_perm_classperms
hashtab_map
```
modified: '2022-04-13T03:04:42.358814Z'
published: '2021-02-20T00:00:20.081676Z'
references:
- type: REPORT
url: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
affected:
- package:
name: selinux
ecosystem: OSS-Fuzz
ranges:
- type: GIT
repo: https://github.com/SELinuxProject/selinux
events:
- introduced: 0451adebdf153eee1f69914141311114a0130982
- fixed: 2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
versions:
- '3.2'
- 3.2-rc3
- checkpolicy-3.2
- checkpolicy-3.2-rc3
- libselinux-3.2
- libselinux-3.2-rc3
- libsemanage-3.2
- libsemanage-3.2-rc3
- libsepol-3.2
- libsepol-3.2-rc3
- mcstrans-3.2
- mcstrans-3.2-rc3
- policycoreutils-3.2
- policycoreutils-3.2-rc3
- restorecond-3.2
- restorecond-3.2-rc3
- secilc-3.2
- secilc-3.2-rc3
- selinux-dbus-3.2
- selinux-dbus-3.2-rc3
- selinux-gui-3.2
- selinux-gui-3.2-rc3
- selinux-python-3.2
- selinux-python-3.2-rc3
- selinux-sandbox-3.2
- selinux-sandbox-3.2-rc3
- semodule-utils-3.2
- semodule-utils-3.2-rc3
ecosystem_specific:
severity: HIGH