The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit to this new directory, which allows local users to replace or delete arbitrary /tmp files, and consequently cause a denial of service or possibly gain privileges, by running a setuid application that relies on /tmp, as demonstrated by the ksu application.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Policycoreutils | Redhat | * | 2.0.83 (including) |
| Policycoreutils | Redhat | 1.0 (including) | 1.0 (including) |
| Policycoreutils | Redhat | 1.1 (including) | 1.1 (including) |
| Policycoreutils | Redhat | 1.2 (including) | 1.2 (including) |
| Policycoreutils | Redhat | 1.4 (including) | 1.4 (including) |
| Policycoreutils | Redhat | 1.6 (including) | 1.6 (including) |
| Policycoreutils | Redhat | 1.8 (including) | 1.8 (including) |
| Policycoreutils | Redhat | 1.10 (including) | 1.10 (including) |
| Policycoreutils | Redhat | 1.12 (including) | 1.12 (including) |
| Policycoreutils | Redhat | 1.14 (including) | 1.14 (including) |
| Policycoreutils | Redhat | 1.16 (including) | 1.16 (including) |
| Policycoreutils | Redhat | 1.18 (including) | 1.18 (including) |
| Policycoreutils | Redhat | 1.20 (including) | 1.20 (including) |
| Policycoreutils | Redhat | 1.21.1 (including) | 1.21.1 (including) |
| Policycoreutils | Redhat | 1.21.2 (including) | 1.21.2 (including) |
| Policycoreutils | Redhat | 1.21.3 (including) | 1.21.3 (including) |
| Policycoreutils | Redhat | 1.21.4 (including) | 1.21.4 (including) |
| Policycoreutils | Redhat | 1.21.5 (including) | 1.21.5 (including) |
| Policycoreutils | Redhat | 1.21.6 (including) | 1.21.6 (including) |
| Policycoreutils | Redhat | 1.21.7 (including) | 1.21.7 (including) |
| Policycoreutils | Redhat | 1.21.8 (including) | 1.21.8 (including) |
| Policycoreutils | Redhat | 1.21.9 (including) | 1.21.9 (including) |
| Policycoreutils | Redhat | 1.21.10 (including) | 1.21.10 (including) |
| Policycoreutils | Redhat | 1.21.11 (including) | 1.21.11 (including) |
| Policycoreutils | Redhat | 1.21.12 (including) | 1.21.12 (including) |
| Policycoreutils | Redhat | 1.21.13 (including) | 1.21.13 (including) |
| Policycoreutils | Redhat | 1.21.14 (including) | 1.21.14 (including) |
| Policycoreutils | Redhat | 1.21.15 (including) | 1.21.15 (including) |
| Policycoreutils | Redhat | 1.21.16 (including) | 1.21.16 (including) |
| Policycoreutils | Redhat | 1.21.17 (including) | 1.21.17 (including) |
| Policycoreutils | Redhat | 1.21.18 (including) | 1.21.18 (including) |
| Policycoreutils | Redhat | 1.21.19 (including) | 1.21.19 (including) |
| Policycoreutils | Redhat | 1.21.20 (including) | 1.21.20 (including) |
| Policycoreutils | Redhat | 1.21.21 (including) | 1.21.21 (including) |
| Policycoreutils | Redhat | 1.21.22 (including) | 1.21.22 (including) |
| Policycoreutils | Redhat | 1.22 (including) | 1.22 (including) |
| Policycoreutils | Redhat | 1.23.1 (including) | 1.23.1 (including) |
| Policycoreutils | Redhat | 1.23.2 (including) | 1.23.2 (including) |
| Policycoreutils | Redhat | 1.23.3 (including) | 1.23.3 (including) |
| Policycoreutils | Redhat | 1.23.4 (including) | 1.23.4 (including) |
| Policycoreutils | Redhat | 1.23.5 (including) | 1.23.5 (including) |
| Policycoreutils | Redhat | 1.23.6 (including) | 1.23.6 (including) |
| Policycoreutils | Redhat | 1.23.7 (including) | 1.23.7 (including) |
| Policycoreutils | Redhat | 1.23.8 (including) | 1.23.8 (including) |
| Policycoreutils | Redhat | 1.23.9 (including) | 1.23.9 (including) |
| Policycoreutils | Redhat | 1.23.10 (including) | 1.23.10 (including) |
| Policycoreutils | Redhat | 1.23.11 (including) | 1.23.11 (including) |
| Policycoreutils | Redhat | 1.24 (including) | 1.24 (including) |
| Policycoreutils | Redhat | 1.25.1 (including) | 1.25.1 (including) |
| Policycoreutils | Redhat | 1.25.2 (including) | 1.25.2 (including) |
| Policycoreutils | Redhat | 1.25.3 (including) | 1.25.3 (including) |
| Policycoreutils | Redhat | 1.25.4 (including) | 1.25.4 (including) |
| Policycoreutils | Redhat | 1.25.5 (including) | 1.25.5 (including) |
| Policycoreutils | Redhat | 1.25.6 (including) | 1.25.6 (including) |
| Policycoreutils | Redhat | 1.25.7 (including) | 1.25.7 (including) |
| Policycoreutils | Redhat | 1.25.8 (including) | 1.25.8 (including) |
| Policycoreutils | Redhat | 1.25.9 (including) | 1.25.9 (including) |
| Policycoreutils | Redhat | 1.26 (including) | 1.26 (including) |
| Policycoreutils | Redhat | 1.27.1 (including) | 1.27.1 (including) |
| Policycoreutils | Redhat | 1.27.2 (including) | 1.27.2 (including) |
| Policycoreutils | Redhat | 1.27.3 (including) | 1.27.3 (including) |
| Policycoreutils | Redhat | 1.27.4 (including) | 1.27.4 (including) |
| Policycoreutils | Redhat | 1.27.5 (including) | 1.27.5 (including) |
| Policycoreutils | Redhat | 1.27.6 (including) | 1.27.6 (including) |
| Policycoreutils | Redhat | 1.27.7 (including) | 1.27.7 (including) |
| Policycoreutils | Redhat | 1.27.8 (including) | 1.27.8 (including) |
| Policycoreutils | Redhat | 1.27.9 (including) | 1.27.9 (including) |
| Policycoreutils | Redhat | 1.27.10 (including) | 1.27.10 (including) |
| Policycoreutils | Redhat | 1.27.11 (including) | 1.27.11 (including) |
| Policycoreutils | Redhat | 1.27.12 (including) | 1.27.12 (including) |
| Policycoreutils | Redhat | 1.27.13 (including) | 1.27.13 (including) |
| Policycoreutils | Redhat | 1.27.14 (including) | 1.27.14 (including) |
| Policycoreutils | Redhat | 1.27.15 (including) | 1.27.15 (including) |
| Policycoreutils | Redhat | 1.27.16 (including) | 1.27.16 (including) |
| Policycoreutils | Redhat | 1.27.17 (including) | 1.27.17 (including) |
| Policycoreutils | Redhat | 1.27.18 (including) | 1.27.18 (including) |
| Policycoreutils | Redhat | 1.27.19 (including) | 1.27.19 (including) |
| Policycoreutils | Redhat | 1.27.20 (including) | 1.27.20 (including) |
| Policycoreutils | Redhat | 1.27.21 (including) | 1.27.21 (including) |
| Policycoreutils | Redhat | 1.27.22 (including) | 1.27.22 (including) |
| Policycoreutils | Redhat | 1.27.23 (including) | 1.27.23 (including) |
| Policycoreutils | Redhat | 1.27.24 (including) | 1.27.24 (including) |
| Policycoreutils | Redhat | 1.27.25 (including) | 1.27.25 (including) |
| Policycoreutils | Redhat | 1.27.26 (including) | 1.27.26 (including) |
| Policycoreutils | Redhat | 1.27.27 (including) | 1.27.27 (including) |
| Policycoreutils | Redhat | 1.27.28 (including) | 1.27.28 (including) |
| Policycoreutils | Redhat | 1.27.29 (including) | 1.27.29 (including) |
| Policycoreutils | Redhat | 1.27.30 (including) | 1.27.30 (including) |
| Policycoreutils | Redhat | 1.27.31 (including) | 1.27.31 (including) |
| Policycoreutils | Redhat | 1.27.32 (including) | 1.27.32 (including) |
| Policycoreutils | Redhat | 1.27.33 (including) | 1.27.33 (including) |
| Policycoreutils | Redhat | 1.27.34 (including) | 1.27.34 (including) |
| Policycoreutils | Redhat | 1.27.35 (including) | 1.27.35 (including) |
| Policycoreutils | Redhat | 1.27.36 (including) | 1.27.36 (including) |
| Policycoreutils | Redhat | 1.27.37 (including) | 1.27.37 (including) |
| Policycoreutils | Redhat | 1.28 (including) | 1.28 (including) |
| Policycoreutils | Redhat | 1.29.1 (including) | 1.29.1 (including) |
| Policycoreutils | Redhat | 1.29.2 (including) | 1.29.2 (including) |
| Policycoreutils | Redhat | 1.29.3 (including) | 1.29.3 (including) |
| Policycoreutils | Redhat | 1.29.4 (including) | 1.29.4 (including) |
| Policycoreutils | Redhat | 1.29.5 (including) | 1.29.5 (including) |
| Policycoreutils | Redhat | 1.29.6 (including) | 1.29.6 (including) |
| Policycoreutils | Redhat | 1.29.7 (including) | 1.29.7 (including) |
| Policycoreutils | Redhat | 1.29.8 (including) | 1.29.8 (including) |
| Policycoreutils | Redhat | 1.29.9 (including) | 1.29.9 (including) |
| Policycoreutils | Redhat | 1.29.10 (including) | 1.29.10 (including) |
| Policycoreutils | Redhat | 1.29.11 (including) | 1.29.11 (including) |
| Policycoreutils | Redhat | 1.29.12 (including) | 1.29.12 (including) |
| Policycoreutils | Redhat | 1.29.13 (including) | 1.29.13 (including) |
| Policycoreutils | Redhat | 1.29.14 (including) | 1.29.14 (including) |
| Policycoreutils | Redhat | 1.29.15 (including) | 1.29.15 (including) |
| Policycoreutils | Redhat | 1.29.16 (including) | 1.29.16 (including) |
| Policycoreutils | Redhat | 1.29.17 (including) | 1.29.17 (including) |
| Policycoreutils | Redhat | 1.29.18 (including) | 1.29.18 (including) |
| Policycoreutils | Redhat | 1.29.19 (including) | 1.29.19 (including) |
| Policycoreutils | Redhat | 1.29.20 (including) | 1.29.20 (including) |
| Policycoreutils | Redhat | 1.29.21 (including) | 1.29.21 (including) |
| Policycoreutils | Redhat | 1.29.22 (including) | 1.29.22 (including) |
| Policycoreutils | Redhat | 1.29.23 (including) | 1.29.23 (including) |
| Policycoreutils | Redhat | 1.29.24 (including) | 1.29.24 (including) |
| Policycoreutils | Redhat | 1.29.25 (including) | 1.29.25 (including) |
| Policycoreutils | Redhat | 1.29.26 (including) | 1.29.26 (including) |
| Policycoreutils | Redhat | 1.29.27 (including) | 1.29.27 (including) |
| Policycoreutils | Redhat | 1.29.28 (including) | 1.29.28 (including) |
| Policycoreutils | Redhat | 1.30 (including) | 1.30 (including) |
| Policycoreutils | Redhat | 1.30.1 (including) | 1.30.1 (including) |
| Policycoreutils | Redhat | 1.30.2 (including) | 1.30.2 (including) |
| Policycoreutils | Redhat | 1.30.3 (including) | 1.30.3 (including) |
| Policycoreutils | Redhat | 1.30.4 (including) | 1.30.4 (including) |
| Policycoreutils | Redhat | 1.30.5 (including) | 1.30.5 (including) |
| Policycoreutils | Redhat | 1.30.6 (including) | 1.30.6 (including) |
| Policycoreutils | Redhat | 1.30.7 (including) | 1.30.7 (including) |
| Policycoreutils | Redhat | 1.30.8 (including) | 1.30.8 (including) |
| Policycoreutils | Redhat | 1.30.9 (including) | 1.30.9 (including) |
| Policycoreutils | Redhat | 1.30.10 (including) | 1.30.10 (including) |
| Policycoreutils | Redhat | 1.30.11 (including) | 1.30.11 (including) |
| Policycoreutils | Redhat | 1.30.12 (including) | 1.30.12 (including) |
| Policycoreutils | Redhat | 1.30.13 (including) | 1.30.13 (including) |
| Policycoreutils | Redhat | 1.30.14 (including) | 1.30.14 (including) |
| Policycoreutils | Redhat | 1.30.15 (including) | 1.30.15 (including) |
| Policycoreutils | Redhat | 1.30.16 (including) | 1.30.16 (including) |
| Policycoreutils | Redhat | 1.30.17 (including) | 1.30.17 (including) |
| Policycoreutils | Redhat | 1.30.18 (including) | 1.30.18 (including) |
| Policycoreutils | Redhat | 1.30.19 (including) | 1.30.19 (including) |
| Policycoreutils | Redhat | 1.30.20 (including) | 1.30.20 (including) |
| Policycoreutils | Redhat | 1.30.21 (including) | 1.30.21 (including) |
| Policycoreutils | Redhat | 1.30.22 (including) | 1.30.22 (including) |
| Policycoreutils | Redhat | 1.30.23 (including) | 1.30.23 (including) |
| Policycoreutils | Redhat | 1.30.24 (including) | 1.30.24 (including) |
| Policycoreutils | Redhat | 1.30.25 (including) | 1.30.25 (including) |
| Policycoreutils | Redhat | 1.30.26 (including) | 1.30.26 (including) |
| Policycoreutils | Redhat | 1.30.27 (including) | 1.30.27 (including) |
| Policycoreutils | Redhat | 1.30.28 (including) | 1.30.28 (including) |
| Policycoreutils | Redhat | 1.30.29 (including) | 1.30.29 (including) |
| Policycoreutils | Redhat | 1.30.30 (including) | 1.30.30 (including) |
| Policycoreutils | Redhat | 1.30.31 (including) | 1.30.31 (including) |
| Policycoreutils | Redhat | 1.32 (including) | 1.32 (including) |
| Policycoreutils | Redhat | 1.33.1 (including) | 1.33.1 (including) |
| Policycoreutils | Redhat | 1.33.2 (including) | 1.33.2 (including) |
| Policycoreutils | Redhat | 1.33.3 (including) | 1.33.3 (including) |
| Policycoreutils | Redhat | 1.33.4 (including) | 1.33.4 (including) |
| Policycoreutils | Redhat | 1.33.5 (including) | 1.33.5 (including) |
| Policycoreutils | Redhat | 1.33.6 (including) | 1.33.6 (including) |
| Policycoreutils | Redhat | 1.33.7 (including) | 1.33.7 (including) |
| Policycoreutils | Redhat | 1.33.8 (including) | 1.33.8 (including) |
| Policycoreutils | Redhat | 1.33.9 (including) | 1.33.9 (including) |
| Policycoreutils | Redhat | 1.33.10 (including) | 1.33.10 (including) |
| Policycoreutils | Redhat | 1.33.11 (including) | 1.33.11 (including) |
| Policycoreutils | Redhat | 1.33.12 (including) | 1.33.12 (including) |
| Policycoreutils | Redhat | 1.33.13 (including) | 1.33.13 (including) |
| Policycoreutils | Redhat | 1.33.14 (including) | 1.33.14 (including) |
| Policycoreutils | Redhat | 1.33.15 (including) | 1.33.15 (including) |
| Policycoreutils | Redhat | 1.33.16 (including) | 1.33.16 (including) |
| Policycoreutils | Redhat | 1.34.0 (including) | 1.34.0 (including) |
| Policycoreutils | Redhat | 1.34.1 (including) | 1.34.1 (including) |
| Policycoreutils | Redhat | 2.0.0 (including) | 2.0.0 (including) |
| Policycoreutils | Redhat | 2.0.1 (including) | 2.0.1 (including) |
| Policycoreutils | Redhat | 2.0.2 (including) | 2.0.2 (including) |
| Policycoreutils | Redhat | 2.0.3 (including) | 2.0.3 (including) |
| Policycoreutils | Redhat | 2.0.4 (including) | 2.0.4 (including) |
| Policycoreutils | Redhat | 2.0.5 (including) | 2.0.5 (including) |
| Policycoreutils | Redhat | 2.0.6 (including) | 2.0.6 (including) |
| Policycoreutils | Redhat | 2.0.7 (including) | 2.0.7 (including) |
| Policycoreutils | Redhat | 2.0.8 (including) | 2.0.8 (including) |
| Policycoreutils | Redhat | 2.0.9 (including) | 2.0.9 (including) |
| Policycoreutils | Redhat | 2.0.10 (including) | 2.0.10 (including) |
| Policycoreutils | Redhat | 2.0.11 (including) | 2.0.11 (including) |
| Policycoreutils | Redhat | 2.0.12 (including) | 2.0.12 (including) |
| Policycoreutils | Redhat | 2.0.13 (including) | 2.0.13 (including) |
| Policycoreutils | Redhat | 2.0.14 (including) | 2.0.14 (including) |
| Policycoreutils | Redhat | 2.0.15 (including) | 2.0.15 (including) |
| Policycoreutils | Redhat | 2.0.16 (including) | 2.0.16 (including) |
| Policycoreutils | Redhat | 2.0.17 (including) | 2.0.17 (including) |
| Policycoreutils | Redhat | 2.0.18 (including) | 2.0.18 (including) |
| Policycoreutils | Redhat | 2.0.19 (including) | 2.0.19 (including) |
| Policycoreutils | Redhat | 2.0.20 (including) | 2.0.20 (including) |
| Policycoreutils | Redhat | 2.0.21 (including) | 2.0.21 (including) |
| Policycoreutils | Redhat | 2.0.22 (including) | 2.0.22 (including) |
| Policycoreutils | Redhat | 2.0.23 (including) | 2.0.23 (including) |
| Policycoreutils | Redhat | 2.0.24 (including) | 2.0.24 (including) |
| Policycoreutils | Redhat | 2.0.25 (including) | 2.0.25 (including) |
| Policycoreutils | Redhat | 2.0.26 (including) | 2.0.26 (including) |
| Policycoreutils | Redhat | 2.0.27 (including) | 2.0.27 (including) |
| Policycoreutils | Redhat | 2.0.28 (including) | 2.0.28 (including) |
| Policycoreutils | Redhat | 2.0.29 (including) | 2.0.29 (including) |
| Policycoreutils | Redhat | 2.0.30 (including) | 2.0.30 (including) |
| Policycoreutils | Redhat | 2.0.31 (including) | 2.0.31 (including) |
| Policycoreutils | Redhat | 2.0.32 (including) | 2.0.32 (including) |
| Policycoreutils | Redhat | 2.0.33 (including) | 2.0.33 (including) |
| Policycoreutils | Redhat | 2.0.34 (including) | 2.0.34 (including) |
| Policycoreutils | Redhat | 2.0.35 (including) | 2.0.35 (including) |
| Policycoreutils | Redhat | 2.0.36 (including) | 2.0.36 (including) |
| Policycoreutils | Redhat | 2.0.37 (including) | 2.0.37 (including) |
| Policycoreutils | Redhat | 2.0.38 (including) | 2.0.38 (including) |
| Policycoreutils | Redhat | 2.0.39 (including) | 2.0.39 (including) |
| Policycoreutils | Redhat | 2.0.40 (including) | 2.0.40 (including) |
| Policycoreutils | Redhat | 2.0.41 (including) | 2.0.41 (including) |
| Policycoreutils | Redhat | 2.0.42 (including) | 2.0.42 (including) |
| Policycoreutils | Redhat | 2.0.43 (including) | 2.0.43 (including) |
| Policycoreutils | Redhat | 2.0.44 (including) | 2.0.44 (including) |
| Policycoreutils | Redhat | 2.0.45 (including) | 2.0.45 (including) |
| Policycoreutils | Redhat | 2.0.46 (including) | 2.0.46 (including) |
| Policycoreutils | Redhat | 2.0.47 (including) | 2.0.47 (including) |
| Policycoreutils | Redhat | 2.0.48 (including) | 2.0.48 (including) |
| Policycoreutils | Redhat | 2.0.49 (including) | 2.0.49 (including) |
| Policycoreutils | Redhat | 2.0.50 (including) | 2.0.50 (including) |
| Policycoreutils | Redhat | 2.0.51 (including) | 2.0.51 (including) |
| Policycoreutils | Redhat | 2.0.52 (including) | 2.0.52 (including) |
| Policycoreutils | Redhat | 2.0.53 (including) | 2.0.53 (including) |
| Policycoreutils | Redhat | 2.0.54 (including) | 2.0.54 (including) |
| Policycoreutils | Redhat | 2.0.55 (including) | 2.0.55 (including) |
| Policycoreutils | Redhat | 2.0.56 (including) | 2.0.56 (including) |
| Policycoreutils | Redhat | 2.0.57 (including) | 2.0.57 (including) |
| Policycoreutils | Redhat | 2.0.58 (including) | 2.0.58 (including) |
| Policycoreutils | Redhat | 2.0.59 (including) | 2.0.59 (including) |
| Policycoreutils | Redhat | 2.0.60 (including) | 2.0.60 (including) |
| Policycoreutils | Redhat | 2.0.61 (including) | 2.0.61 (including) |
| Policycoreutils | Redhat | 2.0.62 (including) | 2.0.62 (including) |
| Policycoreutils | Redhat | 2.0.63 (including) | 2.0.63 (including) |
| Policycoreutils | Redhat | 2.0.64 (including) | 2.0.64 (including) |
| Policycoreutils | Redhat | 2.0.65 (including) | 2.0.65 (including) |
| Policycoreutils | Redhat | 2.0.66 (including) | 2.0.66 (including) |
| Policycoreutils | Redhat | 2.0.67 (including) | 2.0.67 (including) |
| Policycoreutils | Redhat | 2.0.68 (including) | 2.0.68 (including) |
| Policycoreutils | Redhat | 2.0.69 (including) | 2.0.69 (including) |
| Policycoreutils | Redhat | 2.0.70 (including) | 2.0.70 (including) |
| Policycoreutils | Redhat | 2.0.71 (including) | 2.0.71 (including) |
| Policycoreutils | Redhat | 2.0.72 (including) | 2.0.72 (including) |
| Policycoreutils | Redhat | 2.0.73 (including) | 2.0.73 (including) |
| Policycoreutils | Redhat | 2.0.74 (including) | 2.0.74 (including) |
| Policycoreutils | Redhat | 2.0.75 (including) | 2.0.75 (including) |
| Policycoreutils | Redhat | 2.0.76 (including) | 2.0.76 (including) |
| Policycoreutils | Redhat | 2.0.77 (including) | 2.0.77 (including) |
| Policycoreutils | Redhat | 2.0.78 (including) | 2.0.78 (including) |
| Policycoreutils | Redhat | 2.0.79 (including) | 2.0.79 (including) |
| Policycoreutils | Redhat | 2.0.80 (including) | 2.0.80 (including) |
| Policycoreutils | Redhat | 2.0.81 (including) | 2.0.81 (including) |
| Policycoreutils | Redhat | 2.0.82 (including) | 2.0.82 (including) |