Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux Kernel 'security/selinux/hooks.c'配置错误漏洞
Vulnerability Description
Linux kernel 2.6.27.22版本之前的版本以及2.6.28.10版本和之前的版本2.6.28.x的SELinux子系统的security/selinux/hooks.c中的selinux_ip_postroute_iptables_compat函数,当compat_net被激活时,会忽略对avc_has_perm的(1)节点和(2)端口的调用,这会允许本地用户绕过网络流量上的预设限制。注意: 该漏洞曾经被错误报道为在2.6.27.21中被修复。
CVSS Information
N/A
Vulnerability Type
N/A