CVE-2009-0834 - Vulnerability Details

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Linux	Linux Kernel
Opensuse	Opensuse
Redhat	Enterprise Linux Enterprise Linux Desktop Enterprise Linux Eus Enterprise Linux Server Enterprise Linux Server Aus Enterprise Linux Workstation Enterprise Mrg Rhel Eus
Suse	Linux Enterprise Desktop Linux Enterprise Server Linux Enterprise Software Development Kit

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:4.0:::::::*
	cpe:2.3:o:debian:debian_linux:5.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:7.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:8.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:8.10:::::::*

Configuration 4 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:4.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:5.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:opensuse:opensuse:10.3:::::::*
	cpe:2.3:o:opensuse:opensuse:11.0:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_server:10:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2::::::

Package	CPE	Advisory	Released Date
MRG for RHEL-5
kernel-rt-0:2.6.24.7-111.el5rt	cpe:/a:redhat:enterprise_mrg:1::el5	RHSA-2009:0451	2009-04-29T00:00:00Z
Red Hat Enterprise Linux 4
kernel-0:2.6.9-78.0.22.EL	cpe:/o:redhat:enterprise_linux:4	RHSA-2009:0459	2009-04-30T00:00:00Z
Red Hat Enterprise Linux 5
kernel-0:2.6.18-128.1.10.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2009:0473	2009-05-07T00:00:00Z
Red Hat Enterprise Linux 5.2 Z Stream
kernel-0:2.6.18-92.1.35.el5	cpe:/o:redhat:rhel_eus:5.2	RHSA-2010:0079	2010-02-02T00:00:00Z

References

Link	Providers
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756c
http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html
http://marc.info/?l=linux-kernel&m=123579056530191&w=2
http://marc.info/?l=linux-kernel&m=123579065130246&w=2
http://marc.info/?l=oss-security&m=123597642832637&w=2
http://rhn.redhat.com/errata/RHSA-2009-0459.html
http://rhn.redhat.com/errata/RHSA-2009-0473.html
http://scary.beasts.org/security/CESA-2009-001.html
http://secunia.com/advisories/34084
http://secunia.com/advisories/34917
http://secunia.com/advisories/34962
http://secunia.com/advisories/34981
http://secunia.com/advisories/35011
http://secunia.com/advisories/35015
http://secunia.com/advisories/35120
http://secunia.com/advisories/35121
http://secunia.com/advisories/35185
http://secunia.com/advisories/35390
http://secunia.com/advisories/35394
http://secunia.com/advisories/37471
http://wiki.rpath.com/Advisories:rPSA-2009-0084
http://www.debian.org/security/2009/dsa-1787
http://www.debian.org/security/2009/dsa-1794
http://www.debian.org/security/2009/dsa-1800
http://www.mandriva.com/security/advisories?name=MDVSA-2009:118
http://www.redhat.com/support/errata/RHSA-2009-0451.html
http://www.securityfocus.com/archive/1/503610/100/0/threaded
http://www.securityfocus.com/archive/1/507985/100/0/threaded
http://www.securityfocus.com/bid/33951
http://www.securitytracker.com/id?1022153
http://www.ubuntu.com/usn/usn-751-1
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
http://www.vupen.com/english/advisories/2009/3316
https://bugzilla.redhat.com/show_bug.cgi?id=487990
https://exchange.xforce.ibmcloud.com/vulnerabilities/49061
https://nvd.nist.gov/vuln/detail/CVE-2009-0834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8508
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9600
https://www.cve.org/CVERecord?id=CVE-2009-0834

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-03-06T11:00:00

Updated: 2024-08-07T04:48:52.350Z

Reserved: 2009-03-06T00:00:00

Link: CVE-2009-0834

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2009-03-06T11:30:02.627

Modified: 2025-04-09T00:30:58.490

Link: CVE-2009-0834

Redhat

Severity : Important

Publid Date: 2009-02-27T00:00:00Z

Links: CVE-2009-0834 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-02-28T00:00:00", "descriptions": [{"lang": "en", "value": "The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "35390", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35390"}, {"name": "1022153", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022153"}, {"name": "34962", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34962"}, {"name": "MDVSA-2009:118", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118"}, {"name": "SUSE-SA:2009:028", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "37471", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/37471"}, {"name": "RHSA-2009:0459", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0459.html"}, {"tags": ["x_refsource_MISC"], "url": "http://scary.beasts.org/security/CESA-2009-001.html"}, {"name": "linux-kernel-auditsyscallentry-sec-bypass(49061)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49061"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"}, {"name": "[oss-security] 20090302 CVE request: kernel: x86-64: syscall-audit: 32/64 syscall hole", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=oss-security&m=123597642832637&w=2"}, {"name": "DSA-1794", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"name": "20090516 rPSA-2009-0084-1 kernel", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"name": "SUSE-SA:2009:030", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "USN-751-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"name": "35185", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35185"}, {"name": "35015", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35015"}, {"name": "oval:org.mitre.oval:def:8508", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8508"}, {"name": "35011", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35011"}, {"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"}, {"name": "35120", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35120"}, {"name": "SUSE-SA:2009:031", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "34084", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34084"}, {"name": "34981", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "oval:org.mitre.oval:def:9600", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9600"}, {"name": "34917", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34917"}, {"name": "DSA-1787", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "[linux-kernel] 20090228 [PATCH 0/2] x86-64: 32/64 syscall arch holes", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=123579056530191&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990"}, {"name": "RHSA-2009:0473", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"name": "RHSA-2009:0451", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0451.html"}, {"name": "[linux-kernel] 20090228 [PATCH 1/2] x86-64: syscall-audit: fix 32/64 syscall hole", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://marc.info/?l=linux-kernel&m=123579065130246&w=2"}, {"name": "35121", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35121"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756c"}, {"name": "ADV-2009-3316", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/3316"}, {"name": "33951", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/33951"}, {"name": "35394", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35394"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-0834", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "35390", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35390"}, {"name": "1022153", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022153"}, {"name": "34962", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34962"}, {"name": "MDVSA-2009:118", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118"}, {"name": "SUSE-SA:2009:028", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "37471", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37471"}, {"name": "RHSA-2009:0459", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2009-0459.html"}, {"name": "http://scary.beasts.org/security/CESA-2009-001.html", "refsource": "MISC", "url": "http://scary.beasts.org/security/CESA-2009-001.html"}, {"name": "linux-kernel-auditsyscallentry-sec-bypass(49061)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49061"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"}, {"name": "[oss-security] 20090302 CVE request: kernel: x86-64: syscall-audit: 32/64 syscall hole", "refsource": "MLIST", "url": "http://marc.info/?l=oss-security&m=123597642832637&w=2"}, {"name": "DSA-1794", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1794"}, {"name": "20090516 rPSA-2009-0084-1 kernel", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"name": "SUSE-SA:2009:030", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "USN-751-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"name": "35185", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35185"}, {"name": "35015", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35015"}, {"name": "oval:org.mitre.oval:def:8508", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8508"}, {"name": "35011", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35011"}, {"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"}, {"name": "35120", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35120"}, {"name": "SUSE-SA:2009:031", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "34084", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34084"}, {"name": "34981", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "oval:org.mitre.oval:def:9600", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9600"}, {"name": "34917", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34917"}, {"name": "DSA-1787", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "[linux-kernel] 20090228 [PATCH 0/2] x86-64: 32/64 syscall arch holes", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=123579056530191&w=2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=487990", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990"}, {"name": "RHSA-2009:0473", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"}, {"name": "http://wiki.rpath.com/Advisories:rPSA-2009-0084", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"name": "RHSA-2009:0451", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2009-0451.html"}, {"name": "[linux-kernel] 20090228 [PATCH 1/2] x86-64: syscall-audit: fix 32/64 syscall hole", "refsource": "MLIST", "url": "http://marc.info/?l=linux-kernel&m=123579065130246&w=2"}, {"name": "35121", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35121"}, {"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccbe495caa5e604b04d5a31d7459a6f6a76a756c", "refsource": "CONFIRM", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ccbe495caa5e604b04d5a31d7459a6f6a76a756c"}, {"name": "ADV-2009-3316", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3316"}, {"name": "33951", "refsource": "BID", "url": "http://www.securityfocus.com/bid/33951"}, {"name": "35394", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35394"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T04:48:52.350Z"}, "title": "CVE Program Container", "references": [{"name": "35390", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35390"}, {"name": "1022153", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022153"}, {"name": "34962", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34962"}, {"name": "MDVSA-2009:118", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118"}, {"name": "SUSE-SA:2009:028", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"name": "37471", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/37471"}, {"name": "RHSA-2009:0459", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0459.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://scary.beasts.org/security/CESA-2009-001.html"}, {"name": "linux-kernel-auditsyscallentry-sec-bypass(49061)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49061"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"}, {"name": "[oss-security] 20090302 CVE request: kernel: x86-64: syscall-audit: 32/64 syscall hole", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=oss-security&m=123597642832637&w=2"}, {"name": "DSA-1794", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"name": "20090516 rPSA-2009-0084-1 kernel", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"name": "SUSE-SA:2009:030", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"name": "USN-751-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"name": "35185", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35185"}, {"name": "35015", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35015"}, {"name": "oval:org.mitre.oval:def:8508", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8508"}, {"name": "35011", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35011"}, {"name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"}, {"name": "35120", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35120"}, {"name": "SUSE-SA:2009:031", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"name": "34084", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34084"}, {"name": "34981", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34981"}, {"name": "DSA-1800", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"name": "oval:org.mitre.oval:def:9600", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9600"}, {"name": "34917", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34917"}, {"name": "DSA-1787", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"name": "[linux-kernel] 20090228 [PATCH 0/2] x86-64: 32/64 syscall arch holes", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=123579056530191&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990"}, {"name": "RHSA-2009:0473", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"name": "RHSA-2009:0451", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0451.html"}, {"name": "[linux-kernel] 20090228 [PATCH 1/2] x86-64: syscall-audit: fix 32/64 syscall hole", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://marc.info/?l=linux-kernel&m=123579065130246&w=2"}, {"name": "35121", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35121"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756c"}, {"name": "ADV-2009-3316", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/3316"}, {"name": "33951", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/33951"}, {"name": "35394", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35394"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-0834", "datePublished": "2009-03-06T11:00:00", "dateReserved": "2009-03-06T00:00:00", "dateUpdated": "2024-08-07T04:48:52.350Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "37C3A423-BCC9-4001-A976-8C8620DD22F4", "versionEndIncluding": "2.6.28.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "823BF8BE-2309-4F67-A5E2-EAD98F723468", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "matchCriteriaId": "7EBFE35C-E243-43D1-883D-4398D71763CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*", "matchCriteriaId": "4747CC68-FAF4-482F-929A-9DA6C24CB663", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "E1CA1D49-76E7-4195-98AF-BE916040ECC3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "941713DB-B1DE-4953-9A9C-174EAFDCB3E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "73322DEE-27A6-4D18-88A3-ED7F9CAEABD5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "1F87B994-28E4-4095-8770-6433DE9C93AB", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "5B5DCF29-6830-45FF-BC88-17E2249C653D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "C35B68DF-1440-4587-8458-9C5F4D1E43F3", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B42AB65-443B-4655-BAEA-4EB4A43D9509", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*", "matchCriteriaId": "513797E6-FCE6-4E84-9B66-202541F9601E", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*", "matchCriteriaId": "22A79A35-05DB-4B9F-AD3E-EA6F933CF10C", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:10:sp2:*:*:*:*:*:*", "matchCriteriaId": "D3BEE9CB-F0AF-44B1-B454-1AE2F04D7299", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343."}, {"lang": "es", "value": "La funci\u00f3n audit_syscall_entry en el n\u00facleo de Linux v2.6.28.7 y versiones anteriores en la plataforma x86_64 no maneja adecuadamente (1) un proceso de 32-bit haciendo una llamada al sistema (syscall) de 64 bit o (2) un proceso de 64-bit haciendo una llamada al sistema (syscall) de 32-bit, lo cual permite a usuarios locales evitar determinadas configuraciones de auditor\u00eda de llamadas al sistema (syscall) a trav\u00e9s de llamadas al sistema (syscall) manipuladas, una cuesti\u00f3n diferente a VE-2009-0342 y CVE-2009-0343."}], "id": "CVE-2009-0834", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-03-06T11:30:02.627", "references": [{"source": "cve@mitre.org", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756c"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=123579056530191&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=123579065130246&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=oss-security&m=123597642832637&w=2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0459.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://scary.beasts.org/security/CESA-2009-001.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34084"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34917"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34962"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34981"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35011"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35015"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35120"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35121"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35185"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35390"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35394"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/37471"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0451.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/33951"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1022153"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3316"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49061"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8508"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9600"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ccbe495caa5e604b04d5a31d7459a6f6a76a756c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=123579056530191&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=linux-kernel&m=123579065130246&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=oss-security&m=123597642832637&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0459.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2009-0473.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://scary.beasts.org/security/CESA-2009-001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34917"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34962"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/34981"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35011"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35015"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35121"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35185"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35390"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35394"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/37471"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0084"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2009/dsa-1787"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2009/dsa-1794"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2009/dsa-1800"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2009-0451.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/503610/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/33951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id?1022153"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-751-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/3316"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49061"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8508"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9600"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2009:0451", "cpe": "cpe:/a:redhat:enterprise_mrg:1::el5", "package": "kernel-rt-0:2.6.24.7-111.el5rt", "product_name": "MRG for RHEL-5", "release_date": "2009-04-29T00:00:00Z"}, {"advisory": "RHSA-2009:0459", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "kernel-0:2.6.9-78.0.22.EL", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2009-04-30T00:00:00Z"}, {"advisory": "RHSA-2009:0473", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "kernel-0:2.6.18-128.1.10.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2009-05-07T00:00:00Z"}, {"advisory": "RHSA-2010:0079", "cpe": "cpe:/o:redhat:rhel_eus:5.2", "package": "kernel-0:2.6.18-92.1.35.el5", "product_name": "Red Hat Enterprise Linux 5.2 Z Stream", "release_date": "2010-02-02T00:00:00Z"}], "bugzilla": {"description": "kernel: x86-64: syscall-audit: 32/64 syscall hole", "id": "487990", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487990"}, "csaw": false, "cvss": {"cvss_base_score": "3.6", "cvss_scoring_vector": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "status": "verified"}, "details": ["The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343."], "name": "CVE-2009-0834", "public_date": "2009-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2009-0834\nhttps://nvd.nist.gov/vuln/detail/CVE-2009-0834"], "threat_severity": "Important"}

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object