How severe is CVE-2009-1184?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2009-1184?

This is classified as CWE-16, which is a common weakness in software security.

CVE-2009-1184 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21.

Related Vulnerabilities

CVE-2015-9197

CRITICAL

CVSS:9.8(Critical)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD ...

CWE-162015

CVE-2016-10388

CRITICAL

CVSS:9.8(Critical)

In all Qualcomm products with Android releases from CAF using the Linux kernel, a configuration vulnerability exists when loading a 3rd-party QTEE application.

CWE-162016

CVE-2017-6639

CRITICAL

CVSS:9.8(Critical)

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to access sensitive information ...

CWE-162017

CVE-2018-15386

CRITICAL

CVSS:9.8(Critical)

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management f...

CWE-162018

CVE-2019-3939

CRITICAL

CVSS:9.8(Critical)

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. An unauthenticated, remote attacker can use th...

CWE-162019

CVE-2019-3949

CRITICAL

CVSS:9.8(Critical)

Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or downloa...

CWE-162019