CVE-2009-0343
published 2009-01-29CVE-2009-0343: Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a…
PriorityP428high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
0.82%
52.5th percentile
Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.
Affected
44 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| linux | linux_kernel | <= 2.6.28.7 | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| linux | linux_kernel | — | — |
| niels_provos | systrace | <= 1.6e | — |
| niels_provos | systrace | — | — |
| niels_provos | systrace | — | — |
| niels_provos | systrace | — | — |
| niels_provos | systrace | — | — |
| niels_provos | systrace | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat7.2HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x75x-89gj-wfcm: The __secure_computing function in kernel/seccomp
ghsa_unreviewed·2022-05-02·CVSS 7.2
CVE-2009-0835 [HIGH] GHSA-x75x-89gj-wfcm: The __secure_computing function in kernel/seccomp
The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.
GHSA
GHSA-rvg6-xg72-xc4w: Niels Provos Systrace 1
ghsa_unreviewed·2022-05-02
CVE-2009-0343 [HIGH] GHSA-rvg6-xg72-xc4w: Niels Provos Systrace 1
Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.
GHSA
GHSA-3cv7-5j4c-h696: The audit_syscall_entry function in the Linux kernel 2
ghsa_unreviewed·2022-05-02·CVSS 7.2
CVE-2009-0834 [HIGH] GHSA-3cv7-5j4c-h696: The audit_syscall_entry function in the Linux kernel 2
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
Red Hat
kernel: x86-64: syscall-audit: 32/64 syscall hole
vendor_redhat·2009-02-27·CVSS 7.2
CVE-2009-0834 [HIGH] kernel: x86-64: syscall-audit: 32/64 syscall hole
kernel: x86-64: syscall-audit: 32/64 syscall hole
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
Red Hat
kernel: x86-64: seccomp: 32/64 syscall hole
vendor_redhat·2009-02-25·CVSS 7.2
CVE-2009-0835 [HIGH] kernel: x86-64: seccomp: 32/64 syscall hole
kernel: x86-64: seccomp: 32/64 syscall hole
The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 2.1, 3, 4, and 5.
No detection rules found.
No writeups or analysis indexed.
http://scary.beasts.org/security/CESA-2009-001.htmlhttp://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.htmlhttp://www.citi.umich.edu/u/provos/systrace/http://www.securityfocus.com/archive/1/500377/100/0/threadedhttp://www.securityfocus.com/bid/33417http://scary.beasts.org/security/CESA-2009-001.htmlhttp://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.htmlhttp://www.citi.umich.edu/u/provos/systrace/http://www.securityfocus.com/archive/1/500377/100/0/threadedhttp://www.securityfocus.com/bid/33417
2009-01-29
Published