CVE-2009-0834

2009-03-0600:00:00

ubuntu.com

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0005 Low

EPSS

Percentile

18.9%

JSON

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier
on the x86_64 platform does not properly handle (1) a 32-bit process making
a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which
allows local users to bypass certain syscall audit configurations via
crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-23.52UNKNOWN
ubuntu8.10noarchlinux< 2.6.27-11.31UNKNOWN
ubuntu6.06noarchlinux-source-2.6.15< 2.6.15-54.76UNKNOWN
ubuntu7.10noarchlinux-source-2.6.22< 2.6.22-16.62UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	linux	< 2.6.24-23.52	UNKNOWN
ubuntu	8.10	noarch	linux	< 2.6.27-11.31	UNKNOWN
ubuntu	6.06	noarch	linux-source-2.6.15	< 2.6.15-54.76	UNKNOWN
ubuntu	7.10	noarch	linux-source-2.6.22	< 2.6.22-16.62	UNKNOWN