Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2009-0835

Back to Search

SUSE Linux Security Vulnerability: CVE-2009-0835

Severity
4
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:N)
Published
03/06/2009
Created
07/25/2018
Added
02/17/2015
Modified
06/21/2018

Description

The __secure_computing function in kernel/seccomp.c in the seccomp subsystem in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform, when CONFIG_SECCOMP is enabled, does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass intended access restrictions via crafted syscalls that are misinterpreted as (a) stat or (b) chmod, a related issue to CVE-2009-0342 and CVE-2009-0343.

Solution(s)

  • suse-upgrade-acerhk-kmp-debug
  • suse-upgrade-acx-kmp-debug
  • suse-upgrade-appleir-kmp-debug
  • suse-upgrade-at76_usb-kmp-debug
  • suse-upgrade-atl2-kmp-debug
  • suse-upgrade-aufs-kmp-debug
  • suse-upgrade-dazuko-kmp-debug
  • suse-upgrade-drbd-kmp-debug
  • suse-upgrade-gspcav-kmp-debug
  • suse-upgrade-ib-bonding-kmp-rt
  • suse-upgrade-ib-bonding-kmp-rt_bigsmp
  • suse-upgrade-ib-bonding-kmp-rt_debug
  • suse-upgrade-ib-bonding-kmp-rt_timing
  • suse-upgrade-iscsitarget-kmp-debug
  • suse-upgrade-ivtv-kmp-debug
  • suse-upgrade-kernel-bigsmp
  • suse-upgrade-kernel-debug
  • suse-upgrade-kernel-debug-base
  • suse-upgrade-kernel-debug-extra
  • suse-upgrade-kernel-default
  • suse-upgrade-kernel-default-base
  • suse-upgrade-kernel-default-extra
  • suse-upgrade-kernel-docs
  • suse-upgrade-kernel-kdump
  • suse-upgrade-kernel-pae
  • suse-upgrade-kernel-pae-base
  • suse-upgrade-kernel-pae-extra
  • suse-upgrade-kernel-ppc64
  • suse-upgrade-kernel-ppc64-base
  • suse-upgrade-kernel-ppc64-extra
  • suse-upgrade-kernel-ps3
  • suse-upgrade-kernel-rt
  • suse-upgrade-kernel-rt_bigsmp
  • suse-upgrade-kernel-rt_debug
  • suse-upgrade-kernel-rt_timing
  • suse-upgrade-kernel-source
  • suse-upgrade-kernel-syms
  • suse-upgrade-kernel-trace
  • suse-upgrade-kernel-trace-base
  • suse-upgrade-kernel-trace-extra
  • suse-upgrade-kernel-vanilla
  • suse-upgrade-kernel-xen
  • suse-upgrade-kernel-xen-base
  • suse-upgrade-kernel-xen-extra
  • suse-upgrade-kernel-xenpae
  • suse-upgrade-kqemu-kmp-debug
  • suse-upgrade-nouveau-kmp-debug
  • suse-upgrade-ofed
  • suse-upgrade-ofed-cxgb3-nic-kmp-rt
  • suse-upgrade-ofed-cxgb3-nic-kmp-rt_bigsmp
  • suse-upgrade-ofed-cxgb3-nic-kmp-rt_debug
  • suse-upgrade-ofed-cxgb3-nic-kmp-rt_timing
  • suse-upgrade-ofed-doc
  • suse-upgrade-ofed-kmp-rt
  • suse-upgrade-ofed-kmp-rt_bigsmp
  • suse-upgrade-ofed-kmp-rt_debug
  • suse-upgrade-ofed-kmp-rt_timing
  • suse-upgrade-omnibook-kmp-debug
  • suse-upgrade-pcc-acpi-kmp-debug
  • suse-upgrade-pcfclock-kmp-debug
  • suse-upgrade-slert-release
  • suse-upgrade-tpctl-kmp-debug
  • suse-upgrade-uvcvideo-kmp-debug
  • suse-upgrade-virtualbox-ose-kmp-debug
  • suse-upgrade-vmware-kmp-debug
  • suse-upgrade-wlan-ng-kmp-debug

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;