Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-0835
HistoryMar 06, 2009 - 11:30 a.m.

CVE-2009-0835

2009-03-0611:30:02
CWE-264
[email protected]
web.nvd.nist.gov
38
cve
2009
0835
linux kernel
seccomp
bypass
vulnerability

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.

Affected configurations

NVD
Node
linuxlinux_kernelMatch2.6.25x86_64
OR
linuxlinux_kernelMatch2.6.25.1x86_64
OR
linuxlinux_kernelMatch2.6.25.2x86_64
OR
linuxlinux_kernelMatch2.6.25.3x86_64
OR
linuxlinux_kernelMatch2.6.25.4x86_64
OR
linuxlinux_kernelMatch2.6.25.5x86_64
OR
linuxlinux_kernelMatch2.6.25.6x86_64
OR
linuxlinux_kernelMatch2.6.25.7x86_64
OR
linuxlinux_kernelMatch2.6.25.8x86_64
OR
linuxlinux_kernelMatch2.6.25.9x86_64
OR
linuxlinux_kernelMatch2.6.25.10x86_64
OR
linuxlinux_kernelMatch2.6.25.11x86_64
OR
linuxlinux_kernelMatch2.6.25.12x86_64

References

Related

prion 4
nvd 4
cvelist 4
ubuntucve 2
f5 2
veracode 1
nessus 11
openvas 21
cve 3
suse 4
redhat 1
ubuntu 2
debian 1
osv 1
prion
prion
Design/Logic Flaw
2009-03-06 11:30:00
Design/Logic Flaw
2009-03-06 11:30:00
Race condition
2009-01-29 19:30:00
nvd
nvd
CVE-2009-0835
2009-03-06 11:30:02
CVE-2009-0834
2009-03-06 11:30:02
CVE-2009-0342
2009-01-29 19:30:00
cvelist
cvelist
CVE-2009-0835
2009-03-06 11:00:00
CVE-2009-0834
2009-03-06 11:00:00
CVE-2009-0343
2009-01-29 19:00:00
ubuntucve
ubuntucve
CVE-2009-0835
2009-03-06 00:00:00
CVE-2009-0834
2009-03-06 00:00:00
f5
f5
SOL16351 - Multiple Linux kernel vulnerabilities CVE-2009-0834, CVE-2009-0835, and CVE-2009-0859
2015-04-02 00:00:00
K16351 : Multiple Linux kernel vulnerabilities CVE-2009-0834, CVE-2009-0835, and CVE-2009-0859
2015-04-02 00:00:00
veracode
veracode
Access Control Bypass
2020-04-10 00:37:50
nessus
nessus
Mandriva Linux Security Advisory : kernel (MDVSA-2009:118)
2009-05-20 00:00:00
openSUSE Security Update : kernel (kernel-733)
2009-07-21 00:00:00
SuSE 11 Security Update : Linux kernel (SAT Patch Numbers 713 / 715 / 716)
2009-09-24 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:118 (kernel)
2009-05-25 00:00:00
Mandrake Security Advisory MDVSA-2009:118 (kernel)
2009-05-25 00:00:00
SLES11: Security update for Linux kernel
2009-10-11 00:00:00
cve
cve
CVE-2009-0834
2009-03-06 11:30:02
CVE-2009-0342
2009-01-29 19:30:00
CVE-2009-0343
2009-01-29 19:30:00
suse
suse
local privilege escalation in kernel
2009-04-16 18:23:52
potential remote code execution in kernel
2009-05-20 19:00:49
remote code execution in kernel
2009-06-09 09:26:36
redhat
redhat
(RHSA-2009:0451) Important: kernel-rt security and bug fix update
2009-04-29 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2009-04-07 00:00:00
Linux kernel vulnerabilities
2009-04-06 00:00:00
debian
debian
[SECURITY] [DSA 1800-1] New Linux 2.6.26 packages fix several vulnerabilities
2009-05-15 19:17:51
osv
osv
linux-2.6 user-mode-linux - several vulnerabilities
2009-05-15 00:00:00

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2009-0835
prion4nvd4cvelist4ubuntucve2f52veracode1nessus11openvas21cve3suse4redhat1ubuntu2debian1osv1