Linux Kernel AMD64 32bit Emulation Code Privilege Escalation

2004-12-24T10:16:13
ID OSVDB:12590
Type osvdb
Reporter Petr Vandrovec()
Modified 2004-12-24T10:16:13

Description

Vulnerability Description

Linux Kernel contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker exploits a boundary condition which exists in the handling of 32bit system call emulation on AM64 and/or Intel EM64T systems occurs. This flaw may lead to a loss of integrity.

Solution Description

Upgrade to version released by respective vendors, as it has been reported to fix this vulnerability. In addition, some vendors have released a patch for some older versions.

Short Description

Linux Kernel contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker exploits a boundary condition which exists in the handling of 32bit system call emulation on AM64 and/or Intel EM64T systems occurs. This flaw may lead to a loss of integrity.

References:

Vendor Specific Advisory URL Secunia Advisory ID:13627 RedHat RHSA: RHSA-2004:689 Packet Storm: http://packetstormsecurity.org/0412-advisories/SUSE-SA-2004-046.txt Other Advisory URL: http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.2095.1 ISS X-Force ID: 18686 CVE-2004-1144 CIAC Advisory: p-081 Bugtraq ID: 12079