CVE-2009-0343

Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
niels_provossystrace
𝑥
≤ 1.6e
niels_provossystrace
1.1
niels_provossystrace
1.2
niels_provossystrace
1.3
niels_provossystrace
1.4
niels_provossystrace
1.5
niels_provossystrace
1.6
niels_provossystrace
1.6a:a
niels_provossystrace
1.6b:b
niels_provossystrace
1.6c:c
niels_provossystrace
1.6d:d
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://scary.beasts.org/security/CESA-2009-001.html
http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html
http://www.citi.umich.edu/u/provos/systrace/
http://www.securityfocus.com/archive/1/500377/100/0/threaded
http://www.securityfocus.com/bid/33417
http://scary.beasts.org/security/CESA-2009-001.html
http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html
http://www.citi.umich.edu/u/provos/systrace/
http://www.securityfocus.com/archive/1/500377/100/0/threaded
http://www.securityfocus.com/bid/33417