• Local DoS attack vectors in seunshare 3.10 (SUSE Security Team Blog)

    From LWN.net@1337:1/100 to All on Wed Jul 15 17:00:08 2026
    Local DoS attack vectors in seunshare 3.10 (SUSE Security Team Blog)

    Date:
    Wed, 15 Jul 2026 15:52:13 +0000

    Description:
    The SUSE Security Team Blog has a post with an analysis of seunshare ,
    which is used by SELinux to confine untrusted programs. During a
    review of version
    3.10 of the program, the team identified two local
    Denial-of-Service (DoS) vectors. Since seunshare is supposed to run on SELinux-enabled systems, it
    is important to understand what kind of privilege escalation can be
    achieved when vulnerabilities are exploited in a setuid-root binary
    like this. Many SELinux-enabled systems, such as Fedora and openSUSE,
    ship with the "targeted" SELinux policy by default. This policy is
    focused on confining well-known system services, but assigns an
    unconfined SELinux context to interactive users by default to achieve
    a balance between security and usability. There is currently no domain transition from the unconfined domain
    to the more restricted seunshare_t defined in the SELinux policy for
    seunshare . This means the execution of seunshare continues in the
    unconfined domain. Thus in the context of attacks carried out by
    interactive users, the impact of the vulnerabilities below will be a
    root-like privilege escalation despite the system running in SELinux
    enforced mode. See the post for the full write-up of the team's discoveries and timeline. The
    vulnerabilities have been fixed in version3.11 .

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/1083076/


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)