[RHSA-2022:4824-01] Moderate: fapolicyd security and bug fix update

Tue May 31 14:17:43 UTC 2022

An update for fapolicyd is now available for Red Hat Enterprise Linux 8.4
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Fapolicyd (File Access Policy Daemon) implements application whitelisting
to decide file access rights. Applications that are known via a reputation
source are allowed access while unknown applications are not. The daemon
makes use of the kernel's fanotify interface to determine file access
rights.

Security Fix(es):

* fapolicyd: fapolicyd wrongly prepares ld.so path (CVE-2022-1117)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Faulty handling of static applications (BZ#2084549)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2068171 - CVE-2022-1117 fapolicyd: fapolicyd wrongly prepares ld.so path
2084549 - Faulty handling of static applications [rhel-8.4.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream EUS (v.8.4):

Source:
fapolicyd-1.0.2-6.el8_4.1.src.rpm

aarch64:
fapolicyd-1.0.2-6.el8_4.1.aarch64.rpm
fapolicyd-debuginfo-1.0.2-6.el8_4.1.aarch64.rpm
fapolicyd-debugsource-1.0.2-6.el8_4.1.aarch64.rpm

noarch:
fapolicyd-selinux-1.0.2-6.el8_4.1.noarch.rpm

ppc64le:
fapolicyd-1.0.2-6.el8_4.1.ppc64le.rpm
fapolicyd-debuginfo-1.0.2-6.el8_4.1.ppc64le.rpm
fapolicyd-debugsource-1.0.2-6.el8_4.1.ppc64le.rpm

s390x:
fapolicyd-1.0.2-6.el8_4.1.s390x.rpm
fapolicyd-debuginfo-1.0.2-6.el8_4.1.s390x.rpm
fapolicyd-debugsource-1.0.2-6.el8_4.1.s390x.rpm

x86_64:
fapolicyd-1.0.2-6.el8_4.1.x86_64.rpm
fapolicyd-debuginfo-1.0.2-6.el8_4.1.x86_64.rpm
fapolicyd-debugsource-1.0.2-6.el8_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1117
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYpYjh9zjgjWX9erEAQjmWg//U5O9lJr219GiQS7GCs0JUh/NiAKICCHi
YhLiKzaKNqV2vKcVeHgQE+ujMx8AFssjNZzcbNUo/ERlYeeHTnW6pOP1uAB2VwHz
WJs42xGQo9jxEBMFE1aDxOtOhK8Hx+lhbm34v95cKDQlNrAQtvymC7aYnCI5ZEcl
nEV99Och33RH+eP/TlQ3+5zm0PgxelRtbyfLD0tzdZ9KpNks3QdonnZhFlo8stD0
IXN9wnFaFjSrLjCLkcUoOXxTID3EGXfNRFroQ1xpuIRbdUK0ZXUVmU5mQJMNQdCh
brqxP38k7z05tcbuGd96SLboplm/K3mkfi9dRmwL+Pk/1o8011YQ6qE+t8NRbmPY
NW/XE0Sqsi8e/jjIwakBvy+W7rxpQXv0QmZjSwpPW8OaIPZY3m4Y4/oXNlzZuLpR
leUSMAFAagLkwa7pOe2uNHXo5aoQivzx+s1pdkEeo3ffIl/vHxGtJ8m7LjG72ZFB
X+uFY/18FhxvSyLaZ0zQLMEdahO/UB3cpiWTt3ajOzqMeyFSnu6gpSs47L3eCWWS
q/RB68jVENrHXaq2g5KDRQr3iLCzUv8Obd6KTNSw5AsyJA9vGnmbYdcg6lnxzAxD
GqYqNR4DLD54zCIzanfURmdE+RvU8Zrvdn95vXPiECULa5mo16rneY/jEMvMkIGE
EbACF6ibRYg=
=YrOt
-----END PGP SIGNATURE-----