CVE-2009-0835

Priority
Description
The __secure_computing function in kernel/seccomp.c in the seccomp
subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform,
when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit
process making a 64-bit syscall or (2) a 64-bit process making a 32-bit
syscall, which allows local users to bypass intended access restrictions
via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a
related issue to CVE-2009-0342 and CVE-2009-0343.
Ubuntu-Description
The syscall interface did not correctly validate parameters when crossing
the 64-bit/32-bit boundary. A local attacker could bypass certain syscall
restricts via crafted syscalls.
Package
Source: linux (LP Ubuntu Debian)
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-03-19 11:49:15 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)