Launchpad.net

CVE 2009-1184

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21.

Related bugs and status

CVE-2009-1184 (Candidate) is related to these bugs:

Bug #371651: [Jaunty] Update kernel to Linux 2.6.28.10

Summary				In	Importance	Status
	371651	[Jaunty] Update kernel to Linux 2.6.28.10		linux (Ubuntu)	Undecided	Invalid
	371651	[Jaunty] Update kernel to Linux 2.6.28.10		linux (Ubuntu Jaunty)	Medium	Fix Released

Bug #395973: Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities

Summary				In	Importance	Status
	395973	Please update kernel to version 2.6.24-26.34 to fix several security vulnerabilities		The Dell Mini Project	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-1184

Related bugs and status

Related bugs

References