Search criteria

3 vulnerabilities found for policycoreutils by redhat

FKIE_CVE-2011-1011

Vulnerability from fkie_nvd - Published: 2011-02-24 21:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
References
secalert@redhat.comhttp://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html
secalert@redhat.comhttp://openwall.com/lists/oss-security/2011/02/23/1
secalert@redhat.comhttp://openwall.com/lists/oss-security/2011/02/23/2
secalert@redhat.comhttp://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197
secalert@redhat.comhttp://secunia.com/advisories/43415Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/43844
secalert@redhat.comhttp://secunia.com/advisories/44034
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2011-0414.html
secalert@redhat.comhttp://www.securityfocus.com/bid/46510
secalert@redhat.comhttp://www.securitytracker.com/id?1025291
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/0701
secalert@redhat.comhttp://www.vupen.com/english/advisories/2011/0864
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=633544Patch
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/65641
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/02/23/1
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/02/23/2
af854a3a-2127-422b-91ae-364da2661108http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43415Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43844
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44034
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2011-0414.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/46510
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025291
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0701
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0864
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=633544Patch
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/65641
Impacted products
Vendor Product Version
redhat policycoreutils *
redhat policycoreutils 1.0
redhat policycoreutils 1.1
redhat policycoreutils 1.2
redhat policycoreutils 1.4
redhat policycoreutils 1.6
redhat policycoreutils 1.8
redhat policycoreutils 1.10
redhat policycoreutils 1.12
redhat policycoreutils 1.14
redhat policycoreutils 1.16
redhat policycoreutils 1.18
redhat policycoreutils 1.20
redhat policycoreutils 1.21.1
redhat policycoreutils 1.21.2
redhat policycoreutils 1.21.3
redhat policycoreutils 1.21.4
redhat policycoreutils 1.21.5
redhat policycoreutils 1.21.6
redhat policycoreutils 1.21.7
redhat policycoreutils 1.21.8
redhat policycoreutils 1.21.9
redhat policycoreutils 1.21.10
redhat policycoreutils 1.21.11
redhat policycoreutils 1.21.12
redhat policycoreutils 1.21.13
redhat policycoreutils 1.21.14
redhat policycoreutils 1.21.15
redhat policycoreutils 1.21.16
redhat policycoreutils 1.21.17
redhat policycoreutils 1.21.18
redhat policycoreutils 1.21.19
redhat policycoreutils 1.21.20
redhat policycoreutils 1.21.21
redhat policycoreutils 1.21.22
redhat policycoreutils 1.22
redhat policycoreutils 1.23.1
redhat policycoreutils 1.23.2
redhat policycoreutils 1.23.3
redhat policycoreutils 1.23.4
redhat policycoreutils 1.23.5
redhat policycoreutils 1.23.6
redhat policycoreutils 1.23.7
redhat policycoreutils 1.23.8
redhat policycoreutils 1.23.9
redhat policycoreutils 1.23.10
redhat policycoreutils 1.23.11
redhat policycoreutils 1.24
redhat policycoreutils 1.25.1
redhat policycoreutils 1.25.2
redhat policycoreutils 1.25.3
redhat policycoreutils 1.25.4
redhat policycoreutils 1.25.5
redhat policycoreutils 1.25.6
redhat policycoreutils 1.25.7
redhat policycoreutils 1.25.8
redhat policycoreutils 1.25.9
redhat policycoreutils 1.26
redhat policycoreutils 1.27.1
redhat policycoreutils 1.27.2
redhat policycoreutils 1.27.3
redhat policycoreutils 1.27.4
redhat policycoreutils 1.27.5
redhat policycoreutils 1.27.6
redhat policycoreutils 1.27.7
redhat policycoreutils 1.27.8
redhat policycoreutils 1.27.9
redhat policycoreutils 1.27.10
redhat policycoreutils 1.27.11
redhat policycoreutils 1.27.12
redhat policycoreutils 1.27.13
redhat policycoreutils 1.27.14
redhat policycoreutils 1.27.15
redhat policycoreutils 1.27.16
redhat policycoreutils 1.27.17
redhat policycoreutils 1.27.18
redhat policycoreutils 1.27.19
redhat policycoreutils 1.27.20
redhat policycoreutils 1.27.21
redhat policycoreutils 1.27.22
redhat policycoreutils 1.27.23
redhat policycoreutils 1.27.24
redhat policycoreutils 1.27.25
redhat policycoreutils 1.27.26
redhat policycoreutils 1.27.27
redhat policycoreutils 1.27.28
redhat policycoreutils 1.27.29
redhat policycoreutils 1.27.30
redhat policycoreutils 1.27.31
redhat policycoreutils 1.27.32
redhat policycoreutils 1.27.33
redhat policycoreutils 1.27.34
redhat policycoreutils 1.27.35
redhat policycoreutils 1.27.36
redhat policycoreutils 1.27.37
redhat policycoreutils 1.28
redhat policycoreutils 1.29.1
redhat policycoreutils 1.29.2
redhat policycoreutils 1.29.3
redhat policycoreutils 1.29.4
redhat policycoreutils 1.29.5
redhat policycoreutils 1.29.6
redhat policycoreutils 1.29.7
redhat policycoreutils 1.29.8
redhat policycoreutils 1.29.9
redhat policycoreutils 1.29.10
redhat policycoreutils 1.29.11
redhat policycoreutils 1.29.12
redhat policycoreutils 1.29.13
redhat policycoreutils 1.29.14
redhat policycoreutils 1.29.15
redhat policycoreutils 1.29.16
redhat policycoreutils 1.29.17
redhat policycoreutils 1.29.18
redhat policycoreutils 1.29.19
redhat policycoreutils 1.29.20
redhat policycoreutils 1.29.21
redhat policycoreutils 1.29.22
redhat policycoreutils 1.29.23
redhat policycoreutils 1.29.24
redhat policycoreutils 1.29.25
redhat policycoreutils 1.29.26
redhat policycoreutils 1.29.27
redhat policycoreutils 1.29.28
redhat policycoreutils 1.30
redhat policycoreutils 1.30.1
redhat policycoreutils 1.30.2
redhat policycoreutils 1.30.3
redhat policycoreutils 1.30.4
redhat policycoreutils 1.30.5
redhat policycoreutils 1.30.6
redhat policycoreutils 1.30.7
redhat policycoreutils 1.30.8
redhat policycoreutils 1.30.9
redhat policycoreutils 1.30.10
redhat policycoreutils 1.30.11
redhat policycoreutils 1.30.12
redhat policycoreutils 1.30.13
redhat policycoreutils 1.30.14
redhat policycoreutils 1.30.15
redhat policycoreutils 1.30.16
redhat policycoreutils 1.30.17
redhat policycoreutils 1.30.18
redhat policycoreutils 1.30.19
redhat policycoreutils 1.30.20
redhat policycoreutils 1.30.21
redhat policycoreutils 1.30.22
redhat policycoreutils 1.30.23
redhat policycoreutils 1.30.24
redhat policycoreutils 1.30.25
redhat policycoreutils 1.30.26
redhat policycoreutils 1.30.27
redhat policycoreutils 1.30.28
redhat policycoreutils 1.30.29
redhat policycoreutils 1.30.30
redhat policycoreutils 1.30.31
redhat policycoreutils 1.32
redhat policycoreutils 1.33.1
redhat policycoreutils 1.33.2
redhat policycoreutils 1.33.3
redhat policycoreutils 1.33.4
redhat policycoreutils 1.33.5
redhat policycoreutils 1.33.6
redhat policycoreutils 1.33.7
redhat policycoreutils 1.33.8
redhat policycoreutils 1.33.9
redhat policycoreutils 1.33.10
redhat policycoreutils 1.33.11
redhat policycoreutils 1.33.12
redhat policycoreutils 1.33.13
redhat policycoreutils 1.33.14
redhat policycoreutils 1.33.15
redhat policycoreutils 1.33.16
redhat policycoreutils 1.34.0
redhat policycoreutils 1.34.1
redhat policycoreutils 2.0.0
redhat policycoreutils 2.0.1
redhat policycoreutils 2.0.2
redhat policycoreutils 2.0.3
redhat policycoreutils 2.0.4
redhat policycoreutils 2.0.5
redhat policycoreutils 2.0.6
redhat policycoreutils 2.0.7
redhat policycoreutils 2.0.8
redhat policycoreutils 2.0.9
redhat policycoreutils 2.0.10
redhat policycoreutils 2.0.11
redhat policycoreutils 2.0.12
redhat policycoreutils 2.0.13
redhat policycoreutils 2.0.14
redhat policycoreutils 2.0.15
redhat policycoreutils 2.0.16
redhat policycoreutils 2.0.17
redhat policycoreutils 2.0.18
redhat policycoreutils 2.0.19
redhat policycoreutils 2.0.20
redhat policycoreutils 2.0.21
redhat policycoreutils 2.0.22
redhat policycoreutils 2.0.23
redhat policycoreutils 2.0.24
redhat policycoreutils 2.0.25
redhat policycoreutils 2.0.26
redhat policycoreutils 2.0.27
redhat policycoreutils 2.0.28
redhat policycoreutils 2.0.29
redhat policycoreutils 2.0.30
redhat policycoreutils 2.0.31
redhat policycoreutils 2.0.32
redhat policycoreutils 2.0.33
redhat policycoreutils 2.0.34
redhat policycoreutils 2.0.35
redhat policycoreutils 2.0.36
redhat policycoreutils 2.0.37
redhat policycoreutils 2.0.38
redhat policycoreutils 2.0.39
redhat policycoreutils 2.0.40
redhat policycoreutils 2.0.41
redhat policycoreutils 2.0.42
redhat policycoreutils 2.0.43
redhat policycoreutils 2.0.44
redhat policycoreutils 2.0.45
redhat policycoreutils 2.0.46
redhat policycoreutils 2.0.47
redhat policycoreutils 2.0.48
redhat policycoreutils 2.0.49
redhat policycoreutils 2.0.50
redhat policycoreutils 2.0.51
redhat policycoreutils 2.0.52
redhat policycoreutils 2.0.53
redhat policycoreutils 2.0.54
redhat policycoreutils 2.0.55
redhat policycoreutils 2.0.56
redhat policycoreutils 2.0.57
redhat policycoreutils 2.0.58
redhat policycoreutils 2.0.59
redhat policycoreutils 2.0.60
redhat policycoreutils 2.0.61
redhat policycoreutils 2.0.62
redhat policycoreutils 2.0.63
redhat policycoreutils 2.0.64
redhat policycoreutils 2.0.65
redhat policycoreutils 2.0.66
redhat policycoreutils 2.0.67
redhat policycoreutils 2.0.68
redhat policycoreutils 2.0.69
redhat policycoreutils 2.0.70
redhat policycoreutils 2.0.71
redhat policycoreutils 2.0.72
redhat policycoreutils 2.0.73
redhat policycoreutils 2.0.74
redhat policycoreutils 2.0.75
redhat policycoreutils 2.0.76
redhat policycoreutils 2.0.77
redhat policycoreutils 2.0.78
redhat policycoreutils 2.0.79
redhat policycoreutils 2.0.80
redhat policycoreutils 2.0.81
redhat policycoreutils 2.0.82
redhat enterprise_linux 3
redhat enterprise_linux 4
redhat enterprise_linux 5
redhat enterprise_linux 6.0
redhat fedora 6
redhat fedora 7
redhat fedora 8
redhat fedora 9
redhat fedora 10
redhat fedora 12
redhat fedora 13
redhat fedora 14
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACABA049-0D89-4C6A-AAD4-38742A40AECD",
              "versionEndIncluding": "2.0.83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BEB7CAB-459D-45A3-9074-F764E4A3BC8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B67173D9-8899-4BF6-89A4-8C6D1EC60702",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2B3FDB9-8096-4089-8336-738B8C363B24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "490B5FB8-D9E8-4029-A1C6-80F80C4B7441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B99F9E63-2FEE-49F4-926F-1D425618222E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6188159-D38F-4EAD-95F1-98D1E8EBC59E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D1DEBE-A691-4C64-8CC6-EB9B1577A852",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3768F8-F8D1-4030-9B61-764A12104F8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DBBDB97-27F1-4FAC-B932-67DD05816C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FF346BD-2A35-4D90-94D6-6A2CFA262722",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6E7B2E-831C-4F3D-AF59-6BCAABF81FC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C233D0EB-4615-4746-A249-5943F487DD56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC7FD6A8-8589-4D61-BF3D-786560EC5B49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F7373D-7A55-4BBB-9559-3E5C5AE6D1F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DE48FA8-D6C5-4049-8EC8-0DE385E1734C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "410F017C-30E7-4165-A6C9-5875DCBAF905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F39C01A-5AA0-404D-A7E5-EF9AB1F055C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "40E0BBA3-AC40-4651-8BEA-FF150EF24EBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FE18E87-7C85-4723-92FA-9EA8208B416C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC65AD50-9887-40CD-A38F-AC27F5A7744B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7843A2EF-0BEB-419B-8885-487052CEE47F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C984F763-C7F9-485F-8011-70B174A26951",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F2E7DDD-6C5B-4AAB-AADD-B1063E5FFB1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E7B0BC-19AF-40A4-94D9-0CAD96973A30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "854812AD-239A-4931-A483-3F78345607EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "94D737FB-9C6C-4CA1-8012-B13654E8EB87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD5AC0B-944D-426F-B6B3-B8D51978EE7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F8EBA37-50ED-4E62-AF2A-7D81A8EF82C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B0EE597-D0F8-4112-8088-1F58BEE47049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFA8840E-9B07-4DD5-8A6C-D50BFBF04630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "31F43AD4-20F5-4E0A-825C-B8D49237C99B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7F79EFB-D24B-431C-B6E8-7DE994F5207A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E2A51CF-5C4E-4D84-BA59-4F1E659F28DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.21.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "85D41212-87C9-43D4-ABE9-19F67C20F96E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE990FE-1DBB-40CB-8D08-7288A2944EB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27C92674-2F62-44FF-896B-7239C6276B67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F416C27-1426-4851-BB39-5D3A7B1B3601",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC30CDBB-B741-442E-BF6D-983D880D9F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF1D104-094C-4743-9B16-B4E385EA1A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "217EBAF9-8CB4-40C9-9579-DF852681B7F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A911B6C1-FDCA-44FB-A0D8-8A13EB46CD76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AB1F2F0-C36A-4154-B433-6ECDD5F1394E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C03ED500-DB30-44A4-9208-38BA611B6B11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A41668-02B9-459B-BD94-B833438BE4C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9825632-2C0C-4231-978B-D04FB9720F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.23.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "31AD8C5D-9C9C-44BD-8F5A-3B9794748B04",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D311ADE-DF31-44E3-B7E9-5CBAAD72E129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74B93A3A-F986-4D99-AE14-AFB11D8748F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8701DC1-ECB8-4642-A829-ABBBD6E954AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D648BD6-9D1D-44BF-A275-E4E8FF5F5D10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0039015A-7B2F-4042-B609-4C370967BDED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7667238-D42C-47E3-9369-8E91DAF331DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2193EA59-195A-43A2-BF2F-291AF3BF3849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "301A23B6-1C0B-475B-8DFE-FE323F0831CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "174AE4B6-AC02-40E3-AB3F-0A37EF291DC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.25.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A730E8D-90C0-438E-94FA-FED6ADE42C50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDFEAD29-3AE1-44FA-BFED-66790B32C328",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA3CA781-A726-4309-B694-75F2C5923367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E738101-1A1A-46EA-A566-78BAE0103534",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "21FA4FB1-5C54-4081-8EC0-6861320586B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "80B99FB1-A091-4EEA-BB60-5B2EE2A4C872",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CF9C25D-E76D-407F-A2D4-E59590411998",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8176AA-A9C3-42D1-A5A5-F23071487106",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFEDE788-59C1-4414-B2A0-A53E4E165581",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4640CD5-1DEC-4337-A875-ABE7D332CE1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "23636C6A-3904-43B7-9F89-7BAD8E81B276",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E04C6D1-59D3-4B23-A60F-34CEA2EFCF78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B1C8A5B-9978-434F-857A-1B18210B0A1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6324879-C76B-4F8A-B257-BA91359B0BE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED249479-803F-4843-841B-182705FC516D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04F4988A-8B2D-449D-A7D6-29508BF9B199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1325437-CFAC-413A-B608-4D408E51B618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE576DC9-95FB-4E5D-913C-4B2767930189",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEA82EBD-5ADC-4457-9D76-6E784633765D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24C9814-4ED6-4856-88A1-F8C4B71EAFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B426E5-5C26-423F-995E-A749455CC044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6B75A6D-3302-42FC-9834-28F932F30D92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "C38D9BB4-8DEA-4C9F-A98E-DCE184E33373",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "55FD4CBA-2475-4FA0-A972-10637057470A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "2569A322-FDA2-41CD-8867-34622378537D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "55725156-48BD-428A-A33D-08C13BCDFCBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "515E4EA8-913B-45D1-AB92-9607830823C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A31856D-0EFD-4660-B9A4-E1D966C9D65B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FB86A4C-44A9-4FAF-BD48-3D315A6A5D6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FD9CDBD-1FCA-473F-8ECA-2909C70F508F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "43875AEF-3CE0-4B0C-BF55-B13455A61E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "9647AD6F-3AE8-4FDD-BDC0-54EB795601C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EA3D1A2-964A-44FC-89A2-FA68079B5088",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE0B52F0-80C0-4E8A-98F1-2A820E809343",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "1ED0FF3D-65A3-4988-B1AF-C49D814F4404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BBD5D81-7F76-421C-9D57-04EB57D00B84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "931941D0-3F46-4459-A763-DE01C1B84A54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "30F043FD-95F6-4512-9A86-6F2BF64B4FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.27.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "3174EE37-CC92-49E1-AE2E-285899BBD10E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B775FE3-482D-481D-B4B5-BD73C23B9557",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "14211C26-8C6A-4A8D-9976-FCBC3401A6D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "043B1615-E370-4D25-892C-2EB7D1DF5DCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7E4E2E-F1EA-43AE-94FB-5DD2D01119B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A018B3D-02E9-4263-8360-4CD66C6D47D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E478D35E-CA73-468A-907B-63B80B12F1F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1AEB948-6223-4609-B4BA-EDB93F31AC3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "342E8AC4-02B0-42E9-B8B1-C7B93442D85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DAD7D79-2C4B-4052-8970-AC29126C6785",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F676DCF-4EEE-4493-9C46-AF555D14C397",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "70D2E555-81E9-4BC2-99EF-1D2605B73EFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AD5E41C-A643-4FD4-BD2F-4F0DEC4718DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DC6E06C-FA85-4C0D-A7AF-FB224B65A9BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFEA4555-EA8B-40F7-8AEB-307381B734A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A18EF73-952B-41E9-98D2-C43D0FAEDD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E63BD43-62C0-44B4-A183-6040229C2DB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "567CA842-ABE1-4639-BB4E-5E980056E46B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "77C6070B-3846-46D3-8A81-CD12A1512C0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8CEBA11-8B56-4EAC-B75B-BF100AA4B00F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "257A61F4-3628-4C6C-BABD-8610D71A6952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C90034F-BF45-492A-A9DF-E8AA4D2BB3C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1862FEF-3790-45A3-AE8C-5B89785AAF40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "75652778-955B-4A68-AE87-A02740B91964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFD0103D-E009-48A6-9B81-4773202CBEE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "58C46BAA-80FD-474C-90F7-0D5EADC5C338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E27D0C2-1B1A-4E07-9F23-41C06655B1EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7CA4AE6-8FCC-4AC0-ACEB-2E96EDDE4A11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC844A13-180B-4C46-B102-E3650F9A4D2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.29.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3662E04-9191-424D-BB37-FC5B59E2E44E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "38ACA851-8161-4EB0-AB7D-D413343DC410",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5064A761-4655-488B-A369-2F051AE19C83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C22A49B3-72C0-4C5E-9158-41A10B5E8F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "69929AD0-569F-46E5-9C76-2E33421F6F4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D04513C-E5DA-442F-A536-ED69C39C4D7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "344E0A50-5582-4B81-8A7D-3ED974B04325",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F234D04-8FAF-4F9E-9578-97D28131B329",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "687F1DC4-AAA7-406F-98E9-CAC3180D07E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA7354EE-8C64-4429-9923-C47B8250CAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9EE222B-69A9-4AD3-B16B-13E4A5033F33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6269D0C3-9F97-46FB-A44E-3E6A7346A938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D884DC86-42BD-4516-A257-93A4C1A71BB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7006E60C-BF4C-47EA-B47A-C725F9FD4474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "704E7C46-FEA1-460A-9D1C-FBBFA89831B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "220E02F7-38F5-47C4-BC95-92267D905019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F68DFC8-C139-46BA-BD36-8CEF73A08637",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "A123FED7-7121-4103-B130-FAFC33FFD589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA2BC23-2060-4F8C-8D9E-DC9FD23A6EEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E267CBE-CEE2-41A2-A21E-3A876018148E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3D5A05D-7CD0-46E0-89D7-49418C5B7873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "507CF6F9-72E2-424C-92AD-2E1F5F49BE32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9AD3E6D-0D1E-4E7E-AD83-FE7DD3B9AD96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "E88501A2-EE75-4F67-A5F8-1625A255D1E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0C44D9C-7902-4F64-B7E2-77BD186ADC0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "7265C1DE-C79B-439B-BF02-9EB37689DD35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "6466937E-5B06-4CC6-B113-7F28F1CA1AF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "B33AF71A-EA10-4654-A487-A5509B40509C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D01BDAC-F459-473A-8551-C1E9C095D4C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "E443A3C5-50D5-482C-924A-3FA61143DBAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B82348A-97FC-43D6-88BF-04C3662F9212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A4BE6B5-A8F0-4339-8320-E2A24607DFB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.30.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "26D06B75-1BB7-4EBB-9F1A-B6EC3830E946",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC2BA8B-C4F9-4651-8DE8-B4620C39191F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A8E3616-1537-4928-881A-348695CADB3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "901B70D6-9F53-4023-9D56-2A17CD71AAA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C42E0B-2402-4C7E-BB22-62EF957B6754",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DECE746-AC40-4BC8-BB6F-774B6E6AC03C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "83687403-B90A-4D34-AD11-F3CBB0B76B01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "7584A7C0-A2E1-4FB0-B25D-EE2343BD9320",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "46402C64-1A8D-4C7E-9D7D-80313A2F324F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "705E101D-B50A-4442-84A5-E7C60407FADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D5FC815-E171-454D-B1B5-5C048246C72D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "182A025F-1EF5-4854-AB63-CB7A04145713",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD9793F9-71CC-4787-97CE-EFEA0D9BEF45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0A4C766-7BF3-48D4-964E-A0FC3F900E6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E89D0DFC-2CD3-45C7-B191-C36E2C3D7B94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7A1E406-F152-40B1-879B-66F4AF92FFE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2CD63EE-5910-474F-9159-252BABBF7571",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.33.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5B18FA2-DF48-4872-84D5-31B57067C244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.34.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A57BC89-B4C9-45AB-B46B-09566320E412",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:1.34.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F61DA06-435A-4AF6-9C87-A2C96D92AAE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F67F2E8C-C9C0-404E-8414-D6A2E009FAFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5D478FB-2F52-40C8-9B72-1E529B078BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8B5CAFA-5A29-4DC3-A2D5-259200EBBB07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1FABC0-886F-4BD6-8C58-177E6F10A129",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "425400AB-DDFF-40F3-86D1-93F1AE5A5800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDD2182B-8FDD-4F2E-BCE5-D94B4C9F56D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "420C0AB2-346A-449D-8301-98E836501D1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51E4ACF-D698-4809-9CE1-B7DE9920345F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D36AA1CE-B42A-47E9-92DE-DAA186DF0C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CED68EE-4160-49F8-A21A-40B0BD2E61D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FC41430-DD5B-40E7-8148-FF8E6603BCF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1CFFDFD-5115-447A-997C-123A69435C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CC08FEB-6923-400A-8B7A-2D710D774A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "55009AE0-E1AD-4E47-A06B-613EEB71D8F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CD4B809-4199-4105-B535-FE092DBEA177",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B3EE763-DC0A-400F-B504-ACE2FBB3749E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1C176E5-0C6B-4C4E-9303-CC21D6BCB6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFA4EEA3-8C0F-4F65-82F6-0DD7CA4979F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7B6A909-AFE4-4D00-A954-BFF97F37FD46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A6D3862-0989-484C-B594-4E2CAA4DF2A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "140EFD2B-8186-4EA0-9C50-BAA73FB7305F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3138CB7-58B2-4407-8AF9-C77D66F63C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BAEE570-307B-4899-AD61-39C8903FB617",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E479443-8249-4367-AE9B-86D664CD69F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "711F38AC-521E-4ABE-8BDE-A22942811CB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "032196D4-2B7F-4CB2-A0CB-807F25DDDEFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D00290D-8BA7-4AC2-8DA2-F734D320EFDA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA895D19-23D0-4F71-8B35-CA30E4CCCBB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "B63325BC-D67A-4E47-95F4-AA2ED114BF19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "965BF0A3-8D80-41C0-82EE-773830C7B67C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "4172D2D3-C3DD-42D1-94E5-4B440326B8B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C19DEED-BC7E-47A3-A68D-7DA71D08691E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BCBED4F-F594-4CD2-AA79-E88611E0CE37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "998E01E5-8C95-4824-B4E8-9D70D047B491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "1519C364-CCC9-463F-AB21-41FC733A6A3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "67731FF5-F948-4E63-93B4-0DD8F9C2C926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B87E032-A388-4788-AC11-B278A1C15F6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDC527BC-96C8-4110-9953-96CEB68894C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C967CD-F92F-43AB-8CB5-8EB8BDBEB8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B87EAF4-25F8-44CB-A08C-CC32E40DD95A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "630D60A6-D285-4FE5-BD7A-50719BC60C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "56D41BFC-73B1-4F9D-A2B0-A9D7FB240DEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EB5481E-80FD-4641-B4D3-51271059E9C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB45748A-0FA8-4D53-BD4A-CBF066914952",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C86EBE8-4A10-40C9-92CB-F363203B559D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "51DFF558-559C-4EFA-90E9-15E271D767C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "540A5DDB-876E-4171-87A4-E8F20B7C03D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "C817981B-4059-4C1E-ACC0-7CD93285CE1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FD68CF5-DF2E-4A18-BB09-541103DF9430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7EB5FD9-9D99-4061-AAE9-836228E2E0D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA56C2C1-EA6F-4AB9-B262-3A2451BACF3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AE813F-A7ED-4221-8845-DA66BEEB13D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "751DC35B-2F3C-435E-BC8F-05DA56D80AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "211518B0-8C99-4671-ADB1-C1BDDFE04A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "52DD0959-3745-43CE-8177-DC58D0B6AF96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "1443B4E9-7DDF-452B-9C64-DAA10A2384EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F2B8225-2171-4A44-859B-5A00E2853407",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A661466-8CE4-4266-A9AA-210FFEB24C65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3250262-A1E0-455D-ACD5-4FE6F9A760B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "933466F9-2FF1-463C-A636-15CDD5EF82B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "28DC0C77-0D1B-4EB0-AD8A-1B5F400D4E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DE3D055-2A73-443C-9633-4E59CD018BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7E27211-D736-4A05-8401-2B510CF2EF8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F5D92AE-8ADF-494D-B3B2-130EDDD92A5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB186327-4E32-4860-9D95-DABEC68E12EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C350975-BB85-4BFE-A455-02C211C02EDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E22672-50D7-44A9-B088-AF70762CDDE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E62999C-6FF8-468B-B48F-0EC1EA7ED74E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF342A8-5B65-4298-9365-F9DC06E6AC5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.69:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ACF914E-5FCC-4408-B099-0088F432F00B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4E82EEE-D0BF-4DF2-B8C6-6355DCE57F0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A9F3387-BCD8-4A7A-B7D8-9A43EB14453E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2CF9C72-9C96-40A0-B0BA-E7003385C277",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "424D4A74-20D9-412D-B9D1-1114340B2181",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A9D2606-22AE-4B1D-BD7F-A583C0DADCDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "87970866-616B-43A5-A093-7A3BA87E1714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9A466DD-A246-48AE-B805-A5AF8BF02DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2B0FE78-1291-42B1-84CB-BE03F7921594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.78:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDC5ECE-5353-4990-B263-1835746AD820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4B05E10-89F8-4C26-A630-CF55ABB52A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.80:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EB6E239-0170-4EB0-8311-E932BCD64A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.81:*:*:*:*:*:*:*",
              "matchCriteriaId": "9602AC1B-792B-4C43-A7CF-768BD4653D6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:policycoreutils:2.0.82:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEA419D1-038E-4DDF-BF95-57AFBFF93375",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:*",
              "matchCriteriaId": "444EBE64-D3C8-41E9-8E02-22C6BDA2876B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA2C244C-82F6-49BC-B7F7-54AB989C43E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE785318-36E2-4865-918F-CCCDD0995C68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE2027FA-357A-4BE3-9043-6DE8307C040A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E8256F-3FB6-45B2-8F03-02A61C10FAF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D32A30CD-EA21-4AA6-868F-3448AA50B70D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA70E035-8475-4046-ABD7-5AE59F874EBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:12:*:*:*:*:*:*:*",
              "matchCriteriaId": "3854B743-1636-4334-8786-A450A3E81363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:13:*:*:*:*:*:*:*",
              "matchCriteriaId": "85E7554D-3B60-4BD6-A388-259894EC0214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:fedora:14:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA03548F-0C09-403E-B3B4-6E0DB094D47E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n seunshare_mount en sandbox/seunshare.c en seunshare en ciertos paquetes de Red Hat de policycoreutils v2.0.83 y anteriores de Red Hat Enterprise Linux (RHEL) v6 y anteriores, y Fedora v14 y anteriores, monta un nuevo directorio en la parte superior de /tmp sin asignar la pertenencia de root y el bit sticky a este nuevo directorio, lo que permite a usuarios locales reemplazar o eliminar de archivos /tmp de su elecci\u00f3n, y por lo tanto provocar una denegaci\u00f3n de servicio o ganar privilegios en su caso, mediante la ejecuci\u00f3n de una aplicaci\u00f3n setuid que se basa en /tmp, como demostrado por la aplicaci\u00f3n de KSU."
    }
  ],
  "id": "CVE-2011-1011",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-02-24T21:00:18.253",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2011/02/23/1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2011/02/23/2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43415"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43844"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44034"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0414.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/46510"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1025291"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0701"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0864"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633544"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/02/23/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/02/23/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43415"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43844"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44034"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0414.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46510"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1025291"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0701"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633544"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65641"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2011-1011 (GCVE-0-2011-1011)

Vulnerability from cvelistv5 – Published: 2011-02-24 20:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
https://bugzilla.redhat.com/show_bug.cgi?id=633544 x_refsource_CONFIRM
http://secunia.com/advisories/44034 third-party-advisoryx_refsource_SECUNIA
http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
http://www.securitytracker.com/id?1025291 vdb-entryx_refsource_SECTRACK
http://pkgs.fedoraproject.org/gitweb/?p=policycor… x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/43844 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0701 vdb-entryx_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2011-04… vendor-advisoryx_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0864 vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/46510 vdb-entryx_refsource_BID
http://openwall.com/lists/oss-security/2011/02/23/1 mailing-listx_refsource_MLIST
http://secunia.com/advisories/43415 third-party-advisoryx_refsource_SECUNIA
http://openwall.com/lists/oss-security/2011/02/23/2 mailing-listx_refsource_MLIST
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:26.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633544"
          },
          {
            "name": "44034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44034"
          },
          {
            "name": "20110222 Developers should not rely on the stickiness of /tmp on Red Hat Linux",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html"
          },
          {
            "name": "1025291",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025291"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197"
          },
          {
            "name": "policycoreutils-seunshare-symlink(65641)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65641"
          },
          {
            "name": "43844",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43844"
          },
          {
            "name": "ADV-2011-0701",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0701"
          },
          {
            "name": "FEDORA-2011-3043",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html"
          },
          {
            "name": "RHSA-2011:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0414.html"
          },
          {
            "name": "ADV-2011-0864",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0864"
          },
          {
            "name": "46510",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46510"
          },
          {
            "name": "[oss-security] 20110222 CVE Request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/23/1"
          },
          {
            "name": "43415",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43415"
          },
          {
            "name": "[oss-security] 20110223 Re: CVE Request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/23/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633544"
        },
        {
          "name": "44034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44034"
        },
        {
          "name": "20110222 Developers should not rely on the stickiness of /tmp on Red Hat Linux",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html"
        },
        {
          "name": "1025291",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025291"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197"
        },
        {
          "name": "policycoreutils-seunshare-symlink(65641)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65641"
        },
        {
          "name": "43844",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43844"
        },
        {
          "name": "ADV-2011-0701",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0701"
        },
        {
          "name": "FEDORA-2011-3043",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html"
        },
        {
          "name": "RHSA-2011:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0414.html"
        },
        {
          "name": "ADV-2011-0864",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0864"
        },
        {
          "name": "46510",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46510"
        },
        {
          "name": "[oss-security] 20110222 CVE Request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/23/1"
        },
        {
          "name": "43415",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43415"
        },
        {
          "name": "[oss-security] 20110223 Re: CVE Request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/23/2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1011",
    "datePublished": "2011-02-24T20:00:00",
    "dateReserved": "2011-02-14T00:00:00",
    "dateUpdated": "2024-08-06T22:14:26.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1011 (GCVE-0-2011-1011)

Vulnerability from nvd – Published: 2011-02-24 20:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
https://bugzilla.redhat.com/show_bug.cgi?id=633544 x_refsource_CONFIRM
http://secunia.com/advisories/44034 third-party-advisoryx_refsource_SECUNIA
http://archives.neohapsis.com/archives/fulldisclo… mailing-listx_refsource_FULLDISC
http://www.securitytracker.com/id?1025291 vdb-entryx_refsource_SECTRACK
http://pkgs.fedoraproject.org/gitweb/?p=policycor… x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
http://secunia.com/advisories/43844 third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0701 vdb-entryx_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-… vendor-advisoryx_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2011-04… vendor-advisoryx_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0864 vdb-entryx_refsource_VUPEN
http://www.securityfocus.com/bid/46510 vdb-entryx_refsource_BID
http://openwall.com/lists/oss-security/2011/02/23/1 mailing-listx_refsource_MLIST
http://secunia.com/advisories/43415 third-party-advisoryx_refsource_SECUNIA
http://openwall.com/lists/oss-security/2011/02/23/2 mailing-listx_refsource_MLIST
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:26.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633544"
          },
          {
            "name": "44034",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44034"
          },
          {
            "name": "20110222 Developers should not rely on the stickiness of /tmp on Red Hat Linux",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html"
          },
          {
            "name": "1025291",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025291"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197"
          },
          {
            "name": "policycoreutils-seunshare-symlink(65641)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65641"
          },
          {
            "name": "43844",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43844"
          },
          {
            "name": "ADV-2011-0701",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0701"
          },
          {
            "name": "FEDORA-2011-3043",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html"
          },
          {
            "name": "RHSA-2011:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0414.html"
          },
          {
            "name": "ADV-2011-0864",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0864"
          },
          {
            "name": "46510",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46510"
          },
          {
            "name": "[oss-security] 20110222 CVE Request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/23/1"
          },
          {
            "name": "43415",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43415"
          },
          {
            "name": "[oss-security] 20110223 Re: CVE Request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/02/23/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633544"
        },
        {
          "name": "44034",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44034"
        },
        {
          "name": "20110222 Developers should not rely on the stickiness of /tmp on Red Hat Linux",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2011-02/0585.html"
        },
        {
          "name": "1025291",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025291"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://pkgs.fedoraproject.org/gitweb/?p=policycoreutils.git%3Ba=blob%3Bf=policycoreutils-rhat.patch%3Bh=d4db5bc06027de23d12a4b3f18fa6f9b1517df27%3Bhb=HEAD#l2197"
        },
        {
          "name": "policycoreutils-seunshare-symlink(65641)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65641"
        },
        {
          "name": "43844",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43844"
        },
        {
          "name": "ADV-2011-0701",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0701"
        },
        {
          "name": "FEDORA-2011-3043",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056227.html"
        },
        {
          "name": "RHSA-2011:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0414.html"
        },
        {
          "name": "ADV-2011-0864",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0864"
        },
        {
          "name": "46510",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46510"
        },
        {
          "name": "[oss-security] 20110222 CVE Request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/23/1"
        },
        {
          "name": "43415",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43415"
        },
        {
          "name": "[oss-security] 20110223 Re: CVE Request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/02/23/2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-1011",
    "datePublished": "2011-02-24T20:00:00",
    "dateReserved": "2011-02-14T00:00:00",
    "dateUpdated": "2024-08-06T22:14:26.827Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}