CVE-2022-1117

A vulnerability was found in fapolicyd. It stems from an assumption about how glibc names the runtime linker: a build-time regular expression may not correctly detect the runtime linker. As a consequence, the pattern detection for applications launched by the runtime linker may fail to detect the pattern and allow execution.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 8.4 HIGH | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |

EPSS Score percentile: 35%

Affected Products (NVD)

| Vendor | Product | Version |
|---|---|---|
| fapolicyd_project | fapolicyd | < 1.1.2 (vulnerable) |

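Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| fapolicyd | RHEL 8 | 0:1.1-6.el8 | fixed |
| fapolicyd | RHEL 8.4 AUS | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd | RHEL 8.4 E4S | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd | RHEL 8.4 EUS | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd | RHEL 8.4 TUS | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd-selinux | RHEL 8 | 0:1.1-6.el8 | fixed |
| fapolicyd-selinux | RHEL 8.4 AUS | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd-selinux | RHEL 8.4 E4S | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd-selinux | RHEL 8.4 EUS | 0:1.0.2-6.el8_4.1 | fixed |
| fapolicyd-selinux | RHEL 8.4 TUS | 0:1.0.2-6.el8_4.1 | fixed |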