Title: Security-Enhanced Linux Buffer Overflow Vulnerability
Severity: MODERATE
Description:
Security-Enhanced Linux is an add-on access control infrastructure developed and distributed by the U.S. National Security Agency. A problem exists which could allow the altering of sensitive information on a running system.
The problem occurs in the libsecure/get_default_type.c file. get_default_type attempts to allocate buffer space by extracting the default type from /etc/security/default_type and copying the result to a buffer. The buffer that is created, however, is generally one byte too small and creates an ideal situation for a buffer overflow attack. This vulnerability can be exploited by a malicious user to potentially overwrite malloc()'d fields that may contain other application data, or overhead data that another application was relying upon.
Affected Products:
- NSA Security-Enhanced Linux slinux-200012181053
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
