CVE-2009-0834

Linux kernel <2.6.28.7 - Privilege Escalation

Title source: llm

Description

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

References (39)

... and 19 more

Scores

EPSS 0.0005
EPSS Percentile 15.4%

Classification

Status draft

Affected Products (20)

linux/linux_kernel < 2.6.28.7
debian/debian_linux
debian/debian_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
canonical/ubuntu_linux
redhat/enterprise_linux_desktop
redhat/enterprise_linux_desktop
redhat/enterprise_linux_eus
redhat/enterprise_linux_eus
redhat/enterprise_linux_server
redhat/enterprise_linux_server
redhat/enterprise_linux_server_aus
redhat/enterprise_linux_workstation
redhat/enterprise_linux_workstation
... and 5 more

Timeline

Published Mar 06, 2009
Tracked Since Feb 18, 2026