CVE-2009-0834

LOW

Description

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

ID	Name	Product	Family	Severity
89117	VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)	Nessus	Misc.	critical
79456	OracleVM 2.1 : kernel (OVMSA-2009-0009)	Nessus	OracleVM Local Security Checks	high
67854	Oracle Linux 5 : kernel (ELSA-2009-0473)	Nessus	Oracle Linux Local Security Checks	medium
67853	Oracle Linux 4 : kernel (ELSA-2009-0459)	Nessus	Oracle Linux Local Security Checks	medium
63915	RHEL 5 : kernel (RHSA-2010:0079)	Nessus	Red Hat Local Security Checks	critical
60581	Scientific Linux Security Update : kernel on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
60577	Scientific Linux Security Update : kernel on SL4.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	medium
59137	SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6236)	Nessus	SuSE Local Security Checks	high
43746	CentOS 5 : kernel (CESA-2009:0473)	Nessus	CentOS Local Security Checks	medium
42870	VMSA-2009-0016 : VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.	Nessus	VMware ESX Local Security Checks	critical
41539	SuSE 10 Security Update : the Linux kernel (ZYPP Patch Number 6237)	Nessus	SuSE Local Security Checks	high
40012	openSUSE Security Update : kernel (kernel-951)	Nessus	SuSE Local Security Checks	critical
39335	openSUSE 10 Security Update : kernel (kernel-6274)	Nessus	SuSE Local Security Checks	critical
38902	CentOS 4 : kernel (CESA-2009:0459)	Nessus	CentOS Local Security Checks	medium
38845	Mandriva Linux Security Advisory : kernel (MDVSA-2009:118)	Nessus	Mandriva Local Security Checks	medium
38795	Debian DSA-1800-1 : linux-2.6 - denial of service/privilege escalation/sensitive memory leak	Nessus	Debian Local Security Checks	high
38722	Debian DSA-1794-1 : linux-2.6 - denial of service/privilege escalation/information leak	Nessus	Debian Local Security Checks	critical
38709	RHEL 5 : kernel (RHSA-2009:0473)	Nessus	Red Hat Local Security Checks	medium
38668	Debian DSA-1787-1 : linux-2.6.24 - denial of service/privilege escalation/information leak	Nessus	Debian Local Security Checks	critical
38661	RHEL 4 : kernel (RHSA-2009:0459)	Nessus	Red Hat Local Security Checks	medium
37337	Ubuntu 7.10 / 8.04 LTS / 8.10 : linux, linux-source-2.6.22 vulnerabilities (USN-751-1)	Nessus	Ubuntu Local Security Checks	critical
36418	Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-752-1)	Nessus	Ubuntu Local Security Checks	critical
801469	CentOS RHSA-2009-0473 Security Check	Log Correlation Engine	Generic	high
801468	CentOS RHSA-2009-0459 Security Check	Log Correlation Engine	Generic	high

CVE-2009-0834

Description

References

Details

Risk Information

CVSS v2.0