CVE-2009-0835

2009-03-0600:00:00

ubuntu.com

3.6 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

The __secure_computing function in kernel/seccomp.c in the seccomp
subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform,
when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit
process making a 64-bit syscall or (2) a 64-bit process making a 32-bit
syscall, which allows local users to bypass intended access restrictions
via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a
related issue to CVE-2009-0342 and CVE-2009-0343.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlinux< 2.6.24-23.52UNKNOWN
ubuntu8.10noarchlinux< 2.6.27-11.31UNKNOWN
ubuntu6.06noarchlinux-source-2.6.15< 2.6.15-54.76UNKNOWN
ubuntu7.10noarchlinux-source-2.6.22< 2.6.22-16.62UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	linux	< 2.6.24-23.52	UNKNOWN
ubuntu	8.10	noarch	linux	< 2.6.27-11.31	UNKNOWN
ubuntu	6.06	noarch	linux-source-2.6.15	< 2.6.15-54.76	UNKNOWN
ubuntu	7.10	noarch	linux-source-2.6.22	< 2.6.22-16.62	UNKNOWN