James Carter - Security Researcher - Exploit Intelligence Platform

CVE-2021-36084 WRITEUP LOW WRITEUP

SELinux 3.2 - Use-After-Free in CIL Compiler Class Permission Verification

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __cil_verify_classpermission and __cil_pre_verify_helper).

CVSS 3.3

View Code

CVE-2021-36085 WRITEUP LOW WRITEUP

SELinux 3.2 - Use-After-Free in CIL Compiler

The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from __verify_map_perm_classperms and hashtab_map).

CVSS 3.3

View Code

CVE-2021-36086 WRITEUP LOW WRITEUP

SELinux < 3.3 - Use-After-Free in CIL Compiler

The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list).

CVSS 3.3

View Code

CVE-2021-36087 WRITEUP LOW WRITEUP

SELinux 3.2 - Heap-Based Buffer Over-Read in CIL Compiler

The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block.

CVSS 3.3

View Code