QwikSec

Security Database

CVE

CWE

Training

CVE-2022-1117

Published: Aug 29, 2022

Modified: Aug 2, 2024

PUBLISHED

Description

A vulnerability was found in fapolicyd. The vulnerability occurs due to an assumption on how glibc names the runtime linker, a build time regular expression may not correctly detect the runtime linker. The consequence is that the pattern detection for applications launched by the run time linker may fail to detect the pattern and allow execution.

Vendor	Product	Versions
n/a	fapolicyd	affected `Fixed in v1.1.2`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2068171

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=2066904

x_refsource_MISC

https://github.com/linux-application-whitelisting/fapolicyd/commit/38a942613f93824c53164730b2b7a2f75b8cd263

x_refsource_MISC

https://access.redhat.com/security/cve/CVE-2022-1117

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.