CVE-2009-0834
CVE-2009-0834
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756chttp://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.htmlhttp://marc.info/?l=linux-kernel&m=123579056530191&w=2http://marc.info/?l=linux-kernel&m=123579065130246&w=2http://marc.info/?l=oss-security&m=123597642832637&w=2http://rhn.redhat.com/errata/RHSA-2009-0459.htmlhttp://rhn.redhat.com/errata/RHSA-2009-0473.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=487990http://scary.beasts.org/security/CESA-2009-001.htmlhttp://secunia.com/advisories/34084