CVE-2009-0834
Publication date 6 March 2009
Last updated 24 July 2024
Ubuntu priority
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
From the Ubuntu Security Team
The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls.
Status
Package | Ubuntu Release | Status |
---|---|---|
linux | ||
linux-source-2.6.15 | ||
linux-source-2.6.22 | ||