Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2011-1011

Published: Feb 24, 2011 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.9 MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
6.9 IMPORTANT
AV:L/AC:M/Au:N/C:C/I:C/A:C
RedHat/V3
Ubuntu
LOW
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2011-1011
CWEhttps://cwe.mitre.org/data/definitions/264.html

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.

Affected Software

Name Vendor Start Version End Version
Policycoreutils Redhat * 2.0.83 (including)
Policycoreutils Redhat 1.0 (including) 1.0 (including)
Policycoreutils Redhat 1.1 (including) 1.1 (including)
Policycoreutils Redhat 1.2 (including) 1.2 (including)
Policycoreutils Redhat 1.4 (including) 1.4 (including)
Policycoreutils Redhat 1.6 (including) 1.6 (including)
Policycoreutils Redhat 1.8 (including) 1.8 (including)
Policycoreutils Redhat 1.10 (including) 1.10 (including)
Policycoreutils Redhat 1.12 (including) 1.12 (including)
Policycoreutils Redhat 1.14 (including) 1.14 (including)
Policycoreutils Redhat 1.16 (including) 1.16 (including)
Policycoreutils Redhat 1.18 (including) 1.18 (including)
Policycoreutils Redhat 1.20 (including) 1.20 (including)
Policycoreutils Redhat 1.21.1 (including) 1.21.1 (including)
Policycoreutils Redhat 1.21.2 (including) 1.21.2 (including)
Policycoreutils Redhat 1.21.3 (including) 1.21.3 (including)
Policycoreutils Redhat 1.21.4 (including) 1.21.4 (including)
Policycoreutils Redhat 1.21.5 (including) 1.21.5 (including)
Policycoreutils Redhat 1.21.6 (including) 1.21.6 (including)
Policycoreutils Redhat 1.21.7 (including) 1.21.7 (including)
Policycoreutils Redhat 1.21.8 (including) 1.21.8 (including)
Policycoreutils Redhat 1.21.9 (including) 1.21.9 (including)
Policycoreutils Redhat 1.21.10 (including) 1.21.10 (including)
Policycoreutils Redhat 1.21.11 (including) 1.21.11 (including)
Policycoreutils Redhat 1.21.12 (including) 1.21.12 (including)
Policycoreutils Redhat 1.21.13 (including) 1.21.13 (including)
Policycoreutils Redhat 1.21.14 (including) 1.21.14 (including)
Policycoreutils Redhat 1.21.15 (including) 1.21.15 (including)
Policycoreutils Redhat 1.21.16 (including) 1.21.16 (including)
Policycoreutils Redhat 1.21.17 (including) 1.21.17 (including)
Policycoreutils Redhat 1.21.18 (including) 1.21.18 (including)
Policycoreutils Redhat 1.21.19 (including) 1.21.19 (including)
Policycoreutils Redhat 1.21.20 (including) 1.21.20 (including)
Policycoreutils Redhat 1.21.21 (including) 1.21.21 (including)
Policycoreutils Redhat 1.21.22 (including) 1.21.22 (including)
Policycoreutils Redhat 1.22 (including) 1.22 (including)
Policycoreutils Redhat 1.23.1 (including) 1.23.1 (including)
Policycoreutils Redhat 1.23.2 (including) 1.23.2 (including)
Policycoreutils Redhat 1.23.3 (including) 1.23.3 (including)
Policycoreutils Redhat 1.23.4 (including) 1.23.4 (including)
Policycoreutils Redhat 1.23.5 (including) 1.23.5 (including)
Policycoreutils Redhat 1.23.6 (including) 1.23.6 (including)
Policycoreutils Redhat 1.23.7 (including) 1.23.7 (including)
Policycoreutils Redhat 1.23.8 (including) 1.23.8 (including)
Policycoreutils Redhat 1.23.9 (including) 1.23.9 (including)
Policycoreutils Redhat 1.23.10 (including) 1.23.10 (including)
Policycoreutils Redhat 1.23.11 (including) 1.23.11 (including)
Policycoreutils Redhat 1.24 (including) 1.24 (including)
Policycoreutils Redhat 1.25.1 (including) 1.25.1 (including)
Policycoreutils Redhat 1.25.2 (including) 1.25.2 (including)
Policycoreutils Redhat 1.25.3 (including) 1.25.3 (including)
Policycoreutils Redhat 1.25.4 (including) 1.25.4 (including)
Policycoreutils Redhat 1.25.5 (including) 1.25.5 (including)
Policycoreutils Redhat 1.25.6 (including) 1.25.6 (including)
Policycoreutils Redhat 1.25.7 (including) 1.25.7 (including)
Policycoreutils Redhat 1.25.8 (including) 1.25.8 (including)
Policycoreutils Redhat 1.25.9 (including) 1.25.9 (including)
Policycoreutils Redhat 1.26 (including) 1.26 (including)
Policycoreutils Redhat 1.27.1 (including) 1.27.1 (including)
Policycoreutils Redhat 1.27.2 (including) 1.27.2 (including)
Policycoreutils Redhat 1.27.3 (including) 1.27.3 (including)
Policycoreutils Redhat 1.27.4 (including) 1.27.4 (including)
Policycoreutils Redhat 1.27.5 (including) 1.27.5 (including)
Policycoreutils Redhat 1.27.6 (including) 1.27.6 (including)
Policycoreutils Redhat 1.27.7 (including) 1.27.7 (including)
Policycoreutils Redhat 1.27.8 (including) 1.27.8 (including)
Policycoreutils Redhat 1.27.9 (including) 1.27.9 (including)
Policycoreutils Redhat 1.27.10 (including) 1.27.10 (including)
Policycoreutils Redhat 1.27.11 (including) 1.27.11 (including)
Policycoreutils Redhat 1.27.12 (including) 1.27.12 (including)
Policycoreutils Redhat 1.27.13 (including) 1.27.13 (including)
Policycoreutils Redhat 1.27.14 (including) 1.27.14 (including)
Policycoreutils Redhat 1.27.15 (including) 1.27.15 (including)
Policycoreutils Redhat 1.27.16 (including) 1.27.16 (including)
Policycoreutils Redhat 1.27.17 (including) 1.27.17 (including)
Policycoreutils Redhat 1.27.18 (including) 1.27.18 (including)
Policycoreutils Redhat 1.27.19 (including) 1.27.19 (including)
Policycoreutils Redhat 1.27.20 (including) 1.27.20 (including)
Policycoreutils Redhat 1.27.21 (including) 1.27.21 (including)
Policycoreutils Redhat 1.27.22 (including) 1.27.22 (including)
Policycoreutils Redhat 1.27.23 (including) 1.27.23 (including)
Policycoreutils Redhat 1.27.24 (including) 1.27.24 (including)
Policycoreutils Redhat 1.27.25 (including) 1.27.25 (including)
Policycoreutils Redhat 1.27.26 (including) 1.27.26 (including)
Policycoreutils Redhat 1.27.27 (including) 1.27.27 (including)
Policycoreutils Redhat 1.27.28 (including) 1.27.28 (including)
Policycoreutils Redhat 1.27.29 (including) 1.27.29 (including)
Policycoreutils Redhat 1.27.30 (including) 1.27.30 (including)
Policycoreutils Redhat 1.27.31 (including) 1.27.31 (including)
Policycoreutils Redhat 1.27.32 (including) 1.27.32 (including)
Policycoreutils Redhat 1.27.33 (including) 1.27.33 (including)
Policycoreutils Redhat 1.27.34 (including) 1.27.34 (including)
Policycoreutils Redhat 1.27.35 (including) 1.27.35 (including)
Policycoreutils Redhat 1.27.36 (including) 1.27.36 (including)
Policycoreutils Redhat 1.27.37 (including) 1.27.37 (including)
Policycoreutils Redhat 1.28 (including) 1.28 (including)
Policycoreutils Redhat 1.29.1 (including) 1.29.1 (including)
Policycoreutils Redhat 1.29.2 (including) 1.29.2 (including)
Policycoreutils Redhat 1.29.3 (including) 1.29.3 (including)
Policycoreutils Redhat 1.29.4 (including) 1.29.4 (including)
Policycoreutils Redhat 1.29.5 (including) 1.29.5 (including)
Policycoreutils Redhat 1.29.6 (including) 1.29.6 (including)
Policycoreutils Redhat 1.29.7 (including) 1.29.7 (including)
Policycoreutils Redhat 1.29.8 (including) 1.29.8 (including)
Policycoreutils Redhat 1.29.9 (including) 1.29.9 (including)
Policycoreutils Redhat 1.29.10 (including) 1.29.10 (including)
Policycoreutils Redhat 1.29.11 (including) 1.29.11 (including)
Policycoreutils Redhat 1.29.12 (including) 1.29.12 (including)
Policycoreutils Redhat 1.29.13 (including) 1.29.13 (including)
Policycoreutils Redhat 1.29.14 (including) 1.29.14 (including)
Policycoreutils Redhat 1.29.15 (including) 1.29.15 (including)
Policycoreutils Redhat 1.29.16 (including) 1.29.16 (including)
Policycoreutils Redhat 1.29.17 (including) 1.29.17 (including)
Policycoreutils Redhat 1.29.18 (including) 1.29.18 (including)
Policycoreutils Redhat 1.29.19 (including) 1.29.19 (including)
Policycoreutils Redhat 1.29.20 (including) 1.29.20 (including)
Policycoreutils Redhat 1.29.21 (including) 1.29.21 (including)
Policycoreutils Redhat 1.29.22 (including) 1.29.22 (including)
Policycoreutils Redhat 1.29.23 (including) 1.29.23 (including)
Policycoreutils Redhat 1.29.24 (including) 1.29.24 (including)
Policycoreutils Redhat 1.29.25 (including) 1.29.25 (including)
Policycoreutils Redhat 1.29.26 (including) 1.29.26 (including)
Policycoreutils Redhat 1.29.27 (including) 1.29.27 (including)
Policycoreutils Redhat 1.29.28 (including) 1.29.28 (including)
Policycoreutils Redhat 1.30 (including) 1.30 (including)
Policycoreutils Redhat 1.30.1 (including) 1.30.1 (including)
Policycoreutils Redhat 1.30.2 (including) 1.30.2 (including)
Policycoreutils Redhat 1.30.3 (including) 1.30.3 (including)
Policycoreutils Redhat 1.30.4 (including) 1.30.4 (including)
Policycoreutils Redhat 1.30.5 (including) 1.30.5 (including)
Policycoreutils Redhat 1.30.6 (including) 1.30.6 (including)
Policycoreutils Redhat 1.30.7 (including) 1.30.7 (including)
Policycoreutils Redhat 1.30.8 (including) 1.30.8 (including)
Policycoreutils Redhat 1.30.9 (including) 1.30.9 (including)
Policycoreutils Redhat 1.30.10 (including) 1.30.10 (including)
Policycoreutils Redhat 1.30.11 (including) 1.30.11 (including)
Policycoreutils Redhat 1.30.12 (including) 1.30.12 (including)
Policycoreutils Redhat 1.30.13 (including) 1.30.13 (including)
Policycoreutils Redhat 1.30.14 (including) 1.30.14 (including)
Policycoreutils Redhat 1.30.15 (including) 1.30.15 (including)
Policycoreutils Redhat 1.30.16 (including) 1.30.16 (including)
Policycoreutils Redhat 1.30.17 (including) 1.30.17 (including)
Policycoreutils Redhat 1.30.18 (including) 1.30.18 (including)
Policycoreutils Redhat 1.30.19 (including) 1.30.19 (including)
Policycoreutils Redhat 1.30.20 (including) 1.30.20 (including)
Policycoreutils Redhat 1.30.21 (including) 1.30.21 (including)
Policycoreutils Redhat 1.30.22 (including) 1.30.22 (including)
Policycoreutils Redhat 1.30.23 (including) 1.30.23 (including)
Policycoreutils Redhat 1.30.24 (including) 1.30.24 (including)
Policycoreutils Redhat 1.30.25 (including) 1.30.25 (including)
Policycoreutils Redhat 1.30.26 (including) 1.30.26 (including)
Policycoreutils Redhat 1.30.27 (including) 1.30.27 (including)
Policycoreutils Redhat 1.30.28 (including) 1.30.28 (including)
Policycoreutils Redhat 1.30.29 (including) 1.30.29 (including)
Policycoreutils Redhat 1.30.30 (including) 1.30.30 (including)
Policycoreutils Redhat 1.30.31 (including) 1.30.31 (including)
Policycoreutils Redhat 1.32 (including) 1.32 (including)
Policycoreutils Redhat 1.33.1 (including) 1.33.1 (including)
Policycoreutils Redhat 1.33.2 (including) 1.33.2 (including)
Policycoreutils Redhat 1.33.3 (including) 1.33.3 (including)
Policycoreutils Redhat 1.33.4 (including) 1.33.4 (including)
Policycoreutils Redhat 1.33.5 (including) 1.33.5 (including)
Policycoreutils Redhat 1.33.6 (including) 1.33.6 (including)
Policycoreutils Redhat 1.33.7 (including) 1.33.7 (including)
Policycoreutils Redhat 1.33.8 (including) 1.33.8 (including)
Policycoreutils Redhat 1.33.9 (including) 1.33.9 (including)
Policycoreutils Redhat 1.33.10 (including) 1.33.10 (including)
Policycoreutils Redhat 1.33.11 (including) 1.33.11 (including)
Policycoreutils Redhat 1.33.12 (including) 1.33.12 (including)
Policycoreutils Redhat 1.33.13 (including) 1.33.13 (including)
Policycoreutils Redhat 1.33.14 (including) 1.33.14 (including)
Policycoreutils Redhat 1.33.15 (including) 1.33.15 (including)
Policycoreutils Redhat 1.33.16 (including) 1.33.16 (including)
Policycoreutils Redhat 1.34.0 (including) 1.34.0 (including)
Policycoreutils Redhat 1.34.1 (including) 1.34.1 (including)
Policycoreutils Redhat 2.0.0 (including) 2.0.0 (including)
Policycoreutils Redhat 2.0.1 (including) 2.0.1 (including)
Policycoreutils Redhat 2.0.2 (including) 2.0.2 (including)
Policycoreutils Redhat 2.0.3 (including) 2.0.3 (including)
Policycoreutils Redhat 2.0.4 (including) 2.0.4 (including)
Policycoreutils Redhat 2.0.5 (including) 2.0.5 (including)
Policycoreutils Redhat 2.0.6 (including) 2.0.6 (including)
Policycoreutils Redhat 2.0.7 (including) 2.0.7 (including)
Policycoreutils Redhat 2.0.8 (including) 2.0.8 (including)
Policycoreutils Redhat 2.0.9 (including) 2.0.9 (including)
Policycoreutils Redhat 2.0.10 (including) 2.0.10 (including)
Policycoreutils Redhat 2.0.11 (including) 2.0.11 (including)
Policycoreutils Redhat 2.0.12 (including) 2.0.12 (including)
Policycoreutils Redhat 2.0.13 (including) 2.0.13 (including)
Policycoreutils Redhat 2.0.14 (including) 2.0.14 (including)
Policycoreutils Redhat 2.0.15 (including) 2.0.15 (including)
Policycoreutils Redhat 2.0.16 (including) 2.0.16 (including)
Policycoreutils Redhat 2.0.17 (including) 2.0.17 (including)
Policycoreutils Redhat 2.0.18 (including) 2.0.18 (including)
Policycoreutils Redhat 2.0.19 (including) 2.0.19 (including)
Policycoreutils Redhat 2.0.20 (including) 2.0.20 (including)
Policycoreutils Redhat 2.0.21 (including) 2.0.21 (including)
Policycoreutils Redhat 2.0.22 (including) 2.0.22 (including)
Policycoreutils Redhat 2.0.23 (including) 2.0.23 (including)
Policycoreutils Redhat 2.0.24 (including) 2.0.24 (including)
Policycoreutils Redhat 2.0.25 (including) 2.0.25 (including)
Policycoreutils Redhat 2.0.26 (including) 2.0.26 (including)
Policycoreutils Redhat 2.0.27 (including) 2.0.27 (including)
Policycoreutils Redhat 2.0.28 (including) 2.0.28 (including)
Policycoreutils Redhat 2.0.29 (including) 2.0.29 (including)
Policycoreutils Redhat 2.0.30 (including) 2.0.30 (including)
Policycoreutils Redhat 2.0.31 (including) 2.0.31 (including)
Policycoreutils Redhat 2.0.32 (including) 2.0.32 (including)
Policycoreutils Redhat 2.0.33 (including) 2.0.33 (including)
Policycoreutils Redhat 2.0.34 (including) 2.0.34 (including)
Policycoreutils Redhat 2.0.35 (including) 2.0.35 (including)
Policycoreutils Redhat 2.0.36 (including) 2.0.36 (including)
Policycoreutils Redhat 2.0.37 (including) 2.0.37 (including)
Policycoreutils Redhat 2.0.38 (including) 2.0.38 (including)
Policycoreutils Redhat 2.0.39 (including) 2.0.39 (including)
Policycoreutils Redhat 2.0.40 (including) 2.0.40 (including)
Policycoreutils Redhat 2.0.41 (including) 2.0.41 (including)
Policycoreutils Redhat 2.0.42 (including) 2.0.42 (including)
Policycoreutils Redhat 2.0.43 (including) 2.0.43 (including)
Policycoreutils Redhat 2.0.44 (including) 2.0.44 (including)
Policycoreutils Redhat 2.0.45 (including) 2.0.45 (including)
Policycoreutils Redhat 2.0.46 (including) 2.0.46 (including)
Policycoreutils Redhat 2.0.47 (including) 2.0.47 (including)
Policycoreutils Redhat 2.0.48 (including) 2.0.48 (including)
Policycoreutils Redhat 2.0.49 (including) 2.0.49 (including)
Policycoreutils Redhat 2.0.50 (including) 2.0.50 (including)
Policycoreutils Redhat 2.0.51 (including) 2.0.51 (including)
Policycoreutils Redhat 2.0.52 (including) 2.0.52 (including)
Policycoreutils Redhat 2.0.53 (including) 2.0.53 (including)
Policycoreutils Redhat 2.0.54 (including) 2.0.54 (including)
Policycoreutils Redhat 2.0.55 (including) 2.0.55 (including)
Policycoreutils Redhat 2.0.56 (including) 2.0.56 (including)
Policycoreutils Redhat 2.0.57 (including) 2.0.57 (including)
Policycoreutils Redhat 2.0.58 (including) 2.0.58 (including)
Policycoreutils Redhat 2.0.59 (including) 2.0.59 (including)
Policycoreutils Redhat 2.0.60 (including) 2.0.60 (including)
Policycoreutils Redhat 2.0.61 (including) 2.0.61 (including)
Policycoreutils Redhat 2.0.62 (including) 2.0.62 (including)
Policycoreutils Redhat 2.0.63 (including) 2.0.63 (including)
Policycoreutils Redhat 2.0.64 (including) 2.0.64 (including)
Policycoreutils Redhat 2.0.65 (including) 2.0.65 (including)
Policycoreutils Redhat 2.0.66 (including) 2.0.66 (including)
Policycoreutils Redhat 2.0.67 (including) 2.0.67 (including)
Policycoreutils Redhat 2.0.68 (including) 2.0.68 (including)
Policycoreutils Redhat 2.0.69 (including) 2.0.69 (including)
Policycoreutils Redhat 2.0.70 (including) 2.0.70 (including)
Policycoreutils Redhat 2.0.71 (including) 2.0.71 (including)
Policycoreutils Redhat 2.0.72 (including) 2.0.72 (including)
Policycoreutils Redhat 2.0.73 (including) 2.0.73 (including)
Policycoreutils Redhat 2.0.74 (including) 2.0.74 (including)
Policycoreutils Redhat 2.0.75 (including) 2.0.75 (including)
Policycoreutils Redhat 2.0.76 (including) 2.0.76 (including)
Policycoreutils Redhat 2.0.77 (including) 2.0.77 (including)
Policycoreutils Redhat 2.0.78 (including) 2.0.78 (including)
Policycoreutils Redhat 2.0.79 (including) 2.0.79 (including)
Policycoreutils Redhat 2.0.80 (including) 2.0.80 (including)
Policycoreutils Redhat 2.0.81 (including) 2.0.81 (including)
Policycoreutils Redhat 2.0.82 (including) 2.0.82 (including)
Red Hat Enterprise Linux 6 RedHat policycoreutils-0:2.0.83-19.8.el6_0 *
Red Hat Enterprise Linux 6 RedHat selinux-policy-0:3.7.19-54.el6_0.5 *
Policycoreutils Ubuntu artful *
Policycoreutils Ubuntu cosmic *
Policycoreutils Ubuntu dapper *
Policycoreutils Ubuntu hardy *
Policycoreutils Ubuntu karmic *
Policycoreutils Ubuntu lucid *
Policycoreutils Ubuntu maverick *
Policycoreutils Ubuntu natty *
Policycoreutils Ubuntu oneiric *
Policycoreutils Ubuntu precise *
Policycoreutils Ubuntu quantal *
Policycoreutils Ubuntu raring *
Policycoreutils Ubuntu saucy *
Policycoreutils Ubuntu trusty *
Policycoreutils Ubuntu upstream *
Policycoreutils Ubuntu utopic *
Policycoreutils Ubuntu vivid *
Policycoreutils Ubuntu wily *
Policycoreutils Ubuntu yakkety *
Policycoreutils Ubuntu zesty *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use