Lucene search
MitreCVE-2009-0343HistoryJan 29, 2009 - 7:30 p.m.
CVE-2009-0343
2009-01-2919:30:00
CWE-264
mitre
web.nvd.nist.gov
38
niels provos
systrace
1.6f
linux
access restrictions
bypass
cve-2009-0343
nvd
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6
Confidence
Low
EPSS
0
Percentile
0.4%
Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.
Affected configurations
Node
niels_provossystraceRange≤1.6e
ORniels_provossystraceMatch1.1
ORniels_provossystraceMatch1.2
ORniels_provossystraceMatch1.3
ORniels_provossystraceMatch1.4
ORniels_provossystraceMatch1.5
ORniels_provossystraceMatch1.6
ORniels_provossystraceMatch1.6a
ORniels_provossystraceMatch1.6b
ORniels_provossystraceMatch1.6c
ORniels_provossystraceMatch1.6d
linuxlinux_kernelMatch_nil__nil_x86_64
| Vendor | Product | Version | CPE |
|---|---|---|---|
| niels_provos | systrace | * | cpe:2.3:a:niels_provos:systrace:*:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.1 | cpe:2.3:a:niels_provos:systrace:1.1:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.2 | cpe:2.3:a:niels_provos:systrace:1.2:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.3 | cpe:2.3:a:niels_provos:systrace:1.3:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.4 | cpe:2.3:a:niels_provos:systrace:1.4:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.5 | cpe:2.3:a:niels_provos:systrace:1.5:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.6 | cpe:2.3:a:niels_provos:systrace:1.6:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.6a | cpe:2.3:a:niels_provos:systrace:1.6a:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.6b | cpe:2.3:a:niels_provos:systrace:1.6b:*:*:*:*:*:*:* |
| niels_provos | systrace | 1.6c | cpe:2.3:a:niels_provos:systrace:1.6c:*:*:*:*:*:*:* |
Related
cvelist
cvelist
prion
prion
Race condition
2009-01-29 19:30:00
Design/Logic Flaw
2009-03-06 11:30:00
Design/Logic Flaw
2009-03-06 11:30:00
exploitdb
exploitdb
Systrace 1.x (Linux Kernel x64) - Aware Local Privilege Escalation
2009-01-23 00:00:00
nvd
nvd
ubuntucve
ubuntucve
CVE-2009-0835
2009-03-06 00:00:00
CVE-2009-0834
2009-03-06 00:00:00
cve
cve
CVE-2009-0835
2009-03-06 11:30:02
CVE-2009-0834
2009-03-06 11:30:02
f5
f5
nessus
nessus
OracleVM 2.1 : kernel (OVMSA-2009-0009)
2014-11-26 00:00:00
Mandriva Linux Security Advisory : kernel (MDVSA-2009:118)
2009-05-20 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:118 (kernel)
2009-05-25 00:00:00
Mandrake Security Advisory MDVSA-2009:118 (kernel)
2009-05-25 00:00:00
Ubuntu USN-776-2 (kvm)
2009-06-05 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6
Confidence
Low
EPSS
0
Percentile
0.4%
Related for CVE-2009-0343