Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2009-0029

Опубликовано: 10 янв. 2009
Источник: redhat
CVSS2: 7.2
EPSS Низкий

Описание

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.

Отчет

This flaw affects most 64-bit architectures, including IBM S/390 and 64-bit PowerPC, but it does not affect x86_64 or Intel Itanium. The risks associated with fixing this flaw are greater than the security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 3, 4, or 5. Red Hat Enterprise MRG is not affected as it is not supported on 64-bit architectures other than x86_64.

Ссылки на источники

Дополнительная информация

Статус:

Important
Дефект:
CWE-681->CWE-119
https://bugzilla.redhat.com/show_bug.cgi?id=479969Linux Kernel insecure 64 bit system call argument passing

EPSS

Процентиль: 12%
0.00043
Низкий

7.2 High

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2009-0029

ubuntu
больше 16 лет назад

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.

nvd логотип

CVE-2009-0029

nvd
больше 16 лет назад

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.

debian логотип

CVE-2009-0029

debian
больше 16 лет назад

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc ...

github логотип

GHSA-4cr9-h3gm-wcrx

github
больше 3 лет назад

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.

fstec логотип

BDU:2015-01919

fstec
больше 10 лет назад

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 12%
0.00043
Низкий

7.2 High

CVSS2