CVE-2009-0834 — Kernel vulnerability

7 documents6 sources

Severity

3.6LOWNVD

CNA7.2

EPSS

0.1%

top 84.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

12

Linux Kernel Canonical Ubuntu Linux Debian Linux +9 more

Timeline

PublishedMar 6

Latest updateMay 2

Description

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages8 packages

▶NVDlinux/linux_kernel2.6.28.7

▶NVDsuse/linux_enterprise_server10

▶NVDsuse/linux_enterprise_desktop10

▶NVDredhat/enterprise_linux_server4.0, 5.0+1

▶NVDredhat/enterprise_linux_desktop4.0, 5.0+1

Also affects: Debian Linux 4.0, 5.0, Ubuntu Linux 7.10, 8.04, 8.10, Enterprise Linux 4.7, 5.3

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-3cv7-5j4c-h696: The audit_syscall_entry function in the Linux kernel 2↗2022-05-02

▶

CVEList

CVE-2009-0834: The audit_syscall_entry function in the Linux kernel 2↗2009-03-06

▶

📋Vendor Advisories

3

Ubuntu

Linux kernel vulnerabilities↗2009-04-07

▶

Ubuntu

Linux kernel vulnerabilities↗2009-04-06

▶

Red Hat

kernel: x86-64: syscall-audit: 32/64 syscall hole↗2009-02-27

▶

💬Community

1

Bugzilla

CVE-2009-0834 kernel: x86-64: syscall-audit: 32/64 syscall hole↗2009-03-02

▶

CVE-2009-0834 — Linux Kernel vulnerability | cvebase