Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 04 May 2009 10:45:54 +0800
From: Eugene Teo <>
Subject: CVE-2009-1184 selinux: skipped node/port send checks in the compat_net=1

Not upstream in 2.6.30, as the function was removed there.

Node and port send checks can skip in the compat_net=1 case. This bug
was introduced in commit effad8d.

This is fixed in[1] and[2]. I believe it will be
fixed in 2.6.29.y soon.


Thanks, Eugene

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ