Summary:<br />
<br />
Your system may be seriously compromised! /sbin/ip tried to load a kernel<br />
module.<br />
<br />
Detailed Description:<br />
<br />
SELinux has prevented ip from loading a kernel module. All confined programs<br />
that need to load kernel modules should have already had policy written for<br />
them. If a compromised application tries to modify the kernel this AVC will be<br />
generated. This is a serious issue. Your system may very well be compromised.<br />
<br />
Allowing Access:<br />
<br />
Contact your security administrator and report this issue.<br />
<br />
Additional Information:<br />
<br />
Source Context system_u:system_r:ifconfig_t:s0<br />
Target Context system_u:system_r:ifconfig_t:s0<br />
Target Objects None [ capability ]<br />
Source ip<br />
Source Path /sbin/ip<br />
Port <Unknown><br />
Host localhost.localdomain<br />
Source RPM Packages iproute-2.6.32-16.el6<br />
Target RPM Packages <br />
Policy RPM selinux-policy-3.7.19-93.el6_1.7<br />
Selinux Enabled True<br />
Policy Type targeted<br />
Enforcing Mode Enforcing<br />
Plugin Name sys_module<br />
Host Name localhost.localdomain<br />
Platform Linux localhost.localdomain<br />
2.6.32-131.17.1.el6.i686 #1 SMP Thu Oct 6 17:25:25<br />
BST 2011 i686 i686<br />
Alert Count 2<br />
First Seen Tue 20 Dec 2011 02:01:55 PM CET<br />
Last Seen Tue 20 Dec 2011 02:01:56 PM CET<br />
Local ID da369a8f-c68c-42dc-90e8-a58da14421c9<br />
Line Numbers <br />
<br />
Raw Audit Messages <br />
<br />
node=localhost.localdomain type=AVC msg=audit(1324386116.224:15): avc: denied { sys_module } for pid=1624 comm="ip" capability=16 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:system_r:ifconfig_t:s0 tclass=capability<br />
<br />
node=localhost.localdomain type=SYSCALL msg=audit(1324386116.224:15): arch=40000003 syscall=54 success=no exit=-19 a0=4 a1=8933 a2=bfaea6bc a3=4 items=0 ppid=1621 pid=1624 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="ip" exe="/sbin/ip" subj=system_u:system_r:ifconfig_t:s0 key=(null)