Vulnerability identifier: #VU92848
Vulnerability risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID: CWE-20
Exploitation vector: Local
Exploit availability: No
Vulnerable software: Linux kernel (Operating systems & Components / Operating system)
Vendor: Linux Foundation
Description
The vulnerability allows a local user to execute arbitrary code.
The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register be properly sign-extended when passed from a user-mode application, but the kernel cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.
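The following user-space model is an added example, not kernel code or part of the original advisory. It shows why an unverified sign-extension requirement matters and how normalising the register at the entry point removes the mismatch; TABLE_SIZE and all function names are hypothetical, and the register values are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_SIZE 16 /* constructed table size for the model */

/* Canonical form the ABI expects: bits 63..32 are copies of bit 31. */
static int64_t sign_extend32(uint64_t reg)
{
    uint64_t low = reg & 0xffffffffu;
    return (int64_t)(low ^ 0x80000000u) - (int64_t)0x80000000;
}

/* True when the register already holds a properly sign-extended int. */
static bool is_canonical_int(uint64_t reg)
{
    return (uint64_t)sign_extend32(reg) == reg;
}

/* Model of code that trusts the caller: the range check sees the low
 * 32 bits, but the index is taken from the whole register.
 * Returns the index that would be used, or -1 if rejected. */
static int64_t index_trusting(uint64_t reg)
{
    int32_t as_int = (int32_t)sign_extend32(reg);
    if (as_int < 0 || as_int >= TABLE_SIZE)
        return -1;
    return (int64_t)reg;
}

/* Hardened entry point: normalise the register before any use. */
static int64_t index_wrapped(uint64_t reg)
{
    return index_trusting((uint64_t)sign_extend32(reg));
}

int main(void)
{
    /* Constructed register values: clean, dirty upper half, unextended -1. */
    uint64_t samples[] = { 5, 0x0000000100000005ULL, 0x00000000ffffffffULL };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("reg=%#018llx canonical=%d trusting=%lld wrapped=%lld\n",
               (unsigned long long)samples[i], is_canonical_int(samples[i]),
               (long long)index_trusting(samples[i]),
               (long long)index_wrapped(samples[i]));
    return 0;
}
```

With the dirty register value the trusting path passes the 32-bit range check yet yields an index far outside the table, while the wrapped path yields 5.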
Mitigation
Install the update from the vendor's repository.
Vulnerable software versions
Linux kernel: All versions
External links
https://www.securityfocus.com/bid/33275
https://secunia.com/advisories/33477
https://bugzilla.redhat.com/show_bug.cgi?id=479969
https://marc.info/?l=linux-kernel&m=123155111608910&w=2
https://secunia.com/advisories/33674
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01045.html
https://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html
https://www.debian.org/security/2009/dsa-1749
https://secunia.com/advisories/34394
https://secunia.com/advisories/34981
https://www.debian.org/security/2009/dsa-1787
https://secunia.com/advisories/35011
https://www.debian.org/security/2009/dsa-1794
https://www.mandriva.com/security/advisories?name=MDVSA-2009:135
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have valid credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.