Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 196826 - Kernel: x86_64 privilege escalation (CVE-2007-4573)
Summary: Kernel: x86_64 privilege escalation (CVE-2007-4573)
Status: RESOLVED DUPLICATE of bug 193386
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://cve.mitre.org/cgi-bin/cvename....
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-10-23 19:25 UTC by Sune Kloppenborg Jeppesen (RETIRED)
Modified: 2007-10-23 20:18 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-10-23 19:25:56 UTC 
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-10-23 20:18:17 UTC 

*** This bug has been marked as a duplicate of bug 193386 ***