CVE - CVE-2007-4573

CVE-ID
CVE-2007-4573	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1018748 URL:http://securitytracker.com/id?1018748 MISC:20070924 COSEINC Linux Advisory #2: IA32 System Call URL:http://marc.info/?l=full-disclosure&m=119062587407908&w=2 MISC:20070924 COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability URL:http://www.securityfocus.com/archive/1/480451/100/0/threaded MISC:20070926 Re: COSEINC Linux Advisory #2: IA32 System CallEmulation Vulnerability URL:http://www.securityfocus.com/archive/1/480705/100/0/threaded MISC:25774 URL:http://www.securityfocus.com/bid/25774 MISC:26917 URL:http://secunia.com/advisories/26917 MISC:26919 URL:http://secunia.com/advisories/26919 MISC:26934 URL:http://secunia.com/advisories/26934 MISC:26953 URL:http://secunia.com/advisories/26953 MISC:26955 URL:http://secunia.com/advisories/26955 MISC:26978 URL:http://secunia.com/advisories/26978 MISC:26994 URL:http://secunia.com/advisories/26994 MISC:26995 URL:http://secunia.com/advisories/26995 MISC:27212 URL:http://secunia.com/advisories/27212 MISC:27227 URL:http://secunia.com/advisories/27227 MISC:27912 URL:http://secunia.com/advisories/27912 MISC:29058 URL:http://secunia.com/advisories/29058 MISC:ADV-2007-3246 URL:~~http://www.vupen.com/english/advisories/2007/3246~~ (Obsolete source) MISC:DSA-1378 URL:http://www.debian.org/security/2007/dsa-1378 MISC:DSA-1381 URL:http://www.debian.org/security/2007/dsa-1381 MISC:DSA-1504 URL:http://www.debian.org/security/2008/dsa-1504 MISC:FEDORA-2007-2298 URL:http://fedoranews.org/updates/FEDORA-2007-229.shtml MISC:FEDORA-2007-712 URL:https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html MISC:MDKSA-2007:195 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:195~~ (Obsolete source) MISC:MDKSA-2007:196 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:196~~ (Obsolete source) MISC:MDVSA-2008:008 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:008~~ (Obsolete source) MISC:MDVSA-2008:105 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:105~~ (Obsolete source) MISC:RHSA-2007:0936 URL:http://www.redhat.com/support/errata/RHSA-2007-0936.html MISC:RHSA-2007:0937 URL:http://www.redhat.com/support/errata/RHSA-2007-0937.html MISC:RHSA-2007:0938 URL:http://www.redhat.com/support/errata/RHSA-2007-0938.html MISC:SUSE-SA:2007:053 URL:http://www.novell.com/linux/security/advisories/2007_53_kernel.html MISC:SUSE-SA:2007:064 URL:http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html MISC:USN-518-1 URL:http://www.ubuntu.com/usn/usn-518-1 MISC:[linux-kernel] 20070921 Linux 2.6.22.7 URL:http://lkml.org/lkml/2007/9/21/512 MISC:[linux-kernel] 20070921 Re: Linux 2.6.22.7 URL:http://lkml.org/lkml/2007/9/21/513 MISC:http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3 URL:http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3 MISC:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7 URL:http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7 MISC:https://issues.rpath.com/browse/RPL-1754 URL:https://issues.rpath.com/browse/RPL-1754 MISC:oval:org.mitre.oval:def:9735 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735
Assigning CNA
Red Hat, Inc.
Date Record Created
20070828	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070828)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)