CVE-2009-0342

Niels Provos Systrace before 1.6f on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 64-bit syscall with a syscall number that corresponds to a policy-compliant 32-bit syscall.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
VendorProductVersion
provossystrace
𝑥
≤ 1.6e
provossystrace
1.1
provossystrace
1.2
provossystrace
1.3
provossystrace
1.4
provossystrace
1.5
provossystrace
1.6
provossystrace
1.6a:a
provossystrace
1.6b:b
provossystrace
1.6c:c
provossystrace
1.6d:d
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://scary.beasts.org/security/CESA-2009-001.html
http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html
http://www.citi.umich.edu/u/provos/systrace/
http://www.securityfocus.com/archive/1/500377/100/0/threaded
http://www.securityfocus.com/bid/33417
http://scary.beasts.org/security/CESA-2009-001.html
http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html
http://www.citi.umich.edu/u/provos/systrace/
http://www.securityfocus.com/archive/1/500377/100/0/threaded
http://www.securityfocus.com/bid/33417