Lucene search

PRIOn knowledge basePRION:CVE-2009-0029

HistoryJan 15, 2009 - 5:30 p.m.

Design/Logic Flaw

2009-01-1517:30:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.1%

JSON

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.

CPENameOperatorVersion
debian_linuxeq5.0
debian_linuxeq4.0
linux_kernelle2.6.28

Name	Operator	Version
debian_linux	eq	5.0
debian_linux	eq	4.0
linux_kernel	le	2.6.28

References

lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html

secunia.com/advisories/33477

secunia.com/advisories/33674

secunia.com/advisories/34394

secunia.com/advisories/34981

secunia.com/advisories/35011

www.debian.org/security/2009/dsa-1749

www.debian.org/security/2009/dsa-1787

www.debian.org/security/2009/dsa-1794

www.mandriva.com/security/advisories?name=MDVSA-2009:135

www.securityfocus.com/bid/33275

bugzilla.redhat.com/show_bug.cgi?id=479969

marc.info/?l=linux-kernel&m=123155111608910&w=2

www.redhat.com/archives/fedora-package-announce/2009-January/msg01045.html