CVE-2009-0834

Publication date 6 March 2009

Last updated 24 July 2024

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

From the Ubuntu Security Team

The syscall interface did not correctly validate parameters when crossing the 64-bit/32-bit boundary. A local attacker could bypass certain syscall restricts via crafted syscalls.

Status

Show unmaintained releases

Package	Ubuntu Release	Status

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-752-1
Linux kernel vulnerabilities
7 April 2009

USN-751-1
Linux kernel vulnerabilities
6 April 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-0834