CVE-2009-0342

Published Jan 29, 2009

Last updated 6 years ago

CVSS info 7.2

Overview

Description: Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:provos:systrace:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01CBABB4-4603-447B-A036-22926AA4CC52",
            "versionEndIncluding": "1.6e"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF23E751-38C8-4B5F-8527-D20E3ADEB723"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D036342-98D8-460F-B9B9-1434BF85A961"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C991DB0D-062B-4FBF-A65C-2490F0056767"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBCBB458-F90F-4914-944C-4BD3EAAA9935"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5B1E4B1-7B7D-40D8-9069-F58FED95CFB9"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83E3362A-01FA-4574-AF91-DD5D3272F703"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.6a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "272209F6-64EE-408D-9F14-5CDBD36758D8"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.6b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0FB4779-B9F2-4667-8551-90C092FDE668"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.6c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EE7BAF1-E06E-4B77-B71E-9EFE7D48D40D"
          },
          {
            "criteria": "cpe:2.3:a:provos:systrace:1.6d:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A139ACF1-554C-40D1-A68B-D1A278F706A9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:_nil_:_nil_:x86_64:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FA8AA941-3B59-458D-8C3F-EBB79B754F8C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References