7.2

CVE-2009-0029

The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which allows local users to cause a denial of service (crash) or possibly gain privileges via a crafted system call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version <= 2.6.28
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.42% 0.333
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00003.html
Third Party Advisory
http://secunia.com/advisories/34981
Third Party Advisory
http://www.debian.org/security/2009/dsa-1787
Third Party Advisory
http://secunia.com/advisories/35011
Third Party Advisory
http://www.debian.org/security/2009/dsa-1794
Third Party Advisory
http://secunia.com/advisories/33674
Third Party Advisory
http://secunia.com/advisories/34394
Third Party Advisory
http://www.debian.org/security/2009/dsa-1749
Third Party Advisory
https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01045.html
Third Party Advisory
http://marc.info/?l=linux-kernel&m=123155111608910&w=2
Third Party Advisory
Mailing List
http://secunia.com/advisories/33477
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:135
Third Party Advisory
http://www.securityfocus.com/bid/33275
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=479969
Third Party Advisory