CVE-2009-0343

Niels Provos Systrace 1.6f and earlier on the x86_64 Linux platform allows local users to bypass intended access restrictions by making a 32-bit syscall with a syscall number that corresponds to a policy-compliant 64-bit syscall, related to race conditions that occur in monitoring 64-bit processes.

Published: Jan 29, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-0343
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
niels_provos / systrace	-	1.6e.x
niels_provos / systrace	1.1	1.1.x
niels_provos / systrace	1.2	1.2.x
niels_provos / systrace	1.3	1.3.x
niels_provos / systrace	1.4	1.4.x
niels_provos / systrace	1.5	1.5.x
niels_provos / systrace	1.6	1.6.x
niels_provos / systrace	1.6a	1.6a.x
niels_provos / systrace	1.6b	1.6b.x
niels_provos / systrace	1.6c	1.6c.x
niels_provos / systrace	1.6d	1.6d.x

http://scary.beasts.org/security/CESA-2009-001.html
http://scarybeastsecurity.blogspot.com/2009/01/bypassing-syscall-filtering.html
http://www.citi.umich.edu/u/provos/systrace/
http://www.securityfocus.com/archive/1/500377/100/0/threaded
http://www.securityfocus.com/bid/33417

Vulnerability Database

289,697

CVE-2009-0343