PT-2009-3006 · Linux · Systrace

Chris Evans

Published

2009-01-29

Updated

2018-10-11

CVE-2009-0343

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Systrace versions 1.6f and earlier

Description The issue allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall. This is related to race conditions that occur in monitoring 64-bit processes on the x86 64 Linux platform.

Recommendations For Systrace versions 1.6f and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2009-0343

Affected Products

Systrace

PT-2009-3006 · Linux · Systrace

CVE-2009-0343

Weakness Enumeration

Related Identifiers

Affected Products

References · 7