CVE-2009-0834

Priority
Low
Description
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier
on the x86_64 platform does not properly handle (1) a 32-bit process making
a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which
allows local users to bypass certain syscall audit configurations via
crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.
Ubuntu-Description
The syscall interface did not correctly validate parameters when crossing
the 64-bit/32-bit boundary. A local attacker could bypass certain syscall
restricts via crafted syscalls.
References
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
More Information

Updated: 2018-06-26 04:32:24 UTC (commit 7799c934cca373482531a7b00e4dfe82302ceae5)