Vulnerability-Lookup

CVE-2007-4573 (GCVE-0-2007-4573)

Vulnerability from cvelistv5 – Published: 2007-09-25 02:00 – Updated: 2024-08-07 15:01

Summary

The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://www.redhat.com/support/errata/RHSA-2007-09…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/27212	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27227	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2007-09…	vendor-advisoryx_refsource_REDHAT
	http://www.novell.com/linux/security/advisories/2…	vendor-advisoryx_refsource_SUSE
	http://securitytracker.com/id?1018748	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/26953	third-party-advisoryx_refsource_SECUNIA
	http://fedoranews.org/updates/FEDORA-2007-229.shtml	vendor-advisoryx_refsource_FEDORA
	http://www.securityfocus.com/archive/1/480451/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/26978	third-party-advisoryx_refsource_SECUNIA
	http://lkml.org/lkml/2007/9/21/512	mailing-listx_refsource_MLIST
	http://secunia.com/advisories/26934	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/26994	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/26995	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2008/dsa-1504	vendor-advisoryx_refsource_DEBIAN
	http://www.securityfocus.com/bid/25774	vdb-entryx_refsource_BID
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://secunia.com/advisories/26919	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/27912	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/usn-518-1	vendor-advisoryx_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2007/3246	vdb-entryx_refsource_VUPEN
	http://lkml.org/lkml/2007/9/21/513	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/archive/1/480705/100…	mailing-listx_refsource_BUGTRAQ
	http://www.kernel.org/pub/linux/kernel/v2.6/Chang…	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://www.debian.org/security/2007/dsa-1381	vendor-advisoryx_refsource_DEBIAN
	http://marc.info/?l=full-disclosure&m=11906258740…	mailing-listx_refsource_FULLDISC
	http://kernel.org/pub/linux/kernel/v2.4/ChangeLog…	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.redhat.com/support/errata/RHSA-2007-09…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/26955	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29058	third-party-advisoryx_refsource_SECUNIA
	https://issues.rpath.com/browse/RPL-1754	x_refsource_CONFIRM
	http://secunia.com/advisories/26917	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2007/dsa-1378	vendor-advisoryx_refsource_DEBIAN
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:01:09.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2007:0937",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
          },
          {
            "name": "27212",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27212"
          },
          {
            "name": "27227",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27227"
          },
          {
            "name": "RHSA-2007:0938",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
          },
          {
            "name": "SUSE-SA:2007:053",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
          },
          {
            "name": "1018748",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018748"
          },
          {
            "name": "26953",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26953"
          },
          {
            "name": "FEDORA-2007-2298",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
          },
          {
            "name": "20070924 COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
          },
          {
            "name": "26978",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26978"
          },
          {
            "name": "[linux-kernel] 20070921 Linux 2.6.22.7",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lkml.org/lkml/2007/9/21/512"
          },
          {
            "name": "26934",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26934"
          },
          {
            "name": "26994",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26994"
          },
          {
            "name": "26995",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26995"
          },
          {
            "name": "DSA-1504",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1504"
          },
          {
            "name": "25774",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25774"
          },
          {
            "name": "MDVSA-2008:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
          },
          {
            "name": "26919",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26919"
          },
          {
            "name": "27912",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27912"
          },
          {
            "name": "USN-518-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-518-1"
          },
          {
            "name": "ADV-2007-3246",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3246"
          },
          {
            "name": "[linux-kernel] 20070921 Re: Linux 2.6.22.7",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lkml.org/lkml/2007/9/21/513"
          },
          {
            "name": "20070926 Re: COSEINC Linux Advisory #2: IA32 System CallEmulation Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
          },
          {
            "name": "oval:org.mitre.oval:def:9735",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
          },
          {
            "name": "FEDORA-2007-712",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
          },
          {
            "name": "DSA-1381",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1381"
          },
          {
            "name": "20070924 COSEINC Linux Advisory #2: IA32 System Call",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
          },
          {
            "name": "MDKSA-2007:196",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
          },
          {
            "name": "MDVSA-2008:105",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
          },
          {
            "name": "SUSE-SA:2007:064",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
          },
          {
            "name": "RHSA-2007:0936",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
          },
          {
            "name": "26955",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26955"
          },
          {
            "name": "29058",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1754"
          },
          {
            "name": "26917",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26917"
          },
          {
            "name": "DSA-1378",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2007/dsa-1378"
          },
          {
            "name": "MDKSA-2007:195",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-09-21T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T00:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2007:0937",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
        },
        {
          "name": "27212",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27212"
        },
        {
          "name": "27227",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27227"
        },
        {
          "name": "RHSA-2007:0938",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
        },
        {
          "name": "SUSE-SA:2007:053",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
        },
        {
          "name": "1018748",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018748"
        },
        {
          "name": "26953",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26953"
        },
        {
          "name": "FEDORA-2007-2298",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
        },
        {
          "name": "20070924 COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
        },
        {
          "name": "26978",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26978"
        },
        {
          "name": "[linux-kernel] 20070921 Linux 2.6.22.7",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lkml.org/lkml/2007/9/21/512"
        },
        {
          "name": "26934",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26934"
        },
        {
          "name": "26994",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26994"
        },
        {
          "name": "26995",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26995"
        },
        {
          "name": "DSA-1504",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1504"
        },
        {
          "name": "25774",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25774"
        },
        {
          "name": "MDVSA-2008:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
        },
        {
          "name": "26919",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26919"
        },
        {
          "name": "27912",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27912"
        },
        {
          "name": "USN-518-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-518-1"
        },
        {
          "name": "ADV-2007-3246",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3246"
        },
        {
          "name": "[linux-kernel] 20070921 Re: Linux 2.6.22.7",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lkml.org/lkml/2007/9/21/513"
        },
        {
          "name": "20070926 Re: COSEINC Linux Advisory #2: IA32 System CallEmulation Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
        },
        {
          "name": "oval:org.mitre.oval:def:9735",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
        },
        {
          "name": "FEDORA-2007-712",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
        },
        {
          "name": "DSA-1381",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1381"
        },
        {
          "name": "20070924 COSEINC Linux Advisory #2: IA32 System Call",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
        },
        {
          "name": "MDKSA-2007:196",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
        },
        {
          "name": "MDVSA-2008:105",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
        },
        {
          "name": "SUSE-SA:2007:064",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
        },
        {
          "name": "RHSA-2007:0936",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
        },
        {
          "name": "26955",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26955"
        },
        {
          "name": "29058",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1754"
        },
        {
          "name": "26917",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26917"
        },
        {
          "name": "DSA-1378",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2007/dsa-1378"
        },
        {
          "name": "MDKSA-2007:195",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2007-4573",
    "datePublished": "2007-09-25T02:00:00.000Z",
    "dateReserved": "2007-08-28T04:00:00.000Z",
    "dateUpdated": "2024-08-07T15:01:09.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-234

Vulnerability from certfr_avis - Published: 2007-05-30 - Updated: 2007-05-30

Plusieurs vulnérabilités ont été identifiées : elles concernent le système d'exploitation Mac OS X. L'exploitation de ces dernières peut avoir des conséquences variées, comme l'exécution de code arbitraire, ou un dysfonctionnement du système vulnérable.

Description

Plusieurs vulnérabilités ont été identifiées dans le système d'exploitation Mac OS X. Parmi celles-ci :

Alias Manager : il existerait, sous certaines conditions, une incohérence sur les noms de fichier lorsque deux images disque sont montées. Cette vulnérabilité pourrait être exploitée pour faire ouvrir et/ou exécuter un fichier différent de celui demandé sur le système vulnérable ;
BIND : plusieurs vulnérabilités ont été corrigées dans le serveur DNS pour Mac OS X. Elles sont semblables à celles décrites dans les avis CERTA-2006-AVI-385 et CERTA-2007-AVI-056 ;
CoreGraphics : l'application ne manipulerait pas correctement certains fichiers au format PDF (pour Portable Document Format), pouvant entraîner l'exécution de commande arbitraire à distance ;
crontabs : le gestionnaire de tâches pourrait perturber le système de fichiers monté dans le répertoire /tmp, par le biais du script de nettoyage journalier.
fetchmail : une vulnérabilité présente dans fetchmail permettrait de récupérer tout ou partie d'un mot de passe échangé au cours de l'initialisation de la connexion POP3. Cette vulnérabilité est différente de celle décrite dans CERTA-2007-AVI-020.
file : la commande file ne manipule pas correctement certains fichiers, ce qui peut provoquer l'interruption de la commande, voire l'exécution de code arbitraire sur le système vulnérable.
iChat : l'application de messagerie instantanée ne gère pas correctement certains paquets UPnP IGD (pour Internet Gateway Device Standardized Device Control Protocol). Une personne malveillante distante peut ainsi exploiter cette vulnérabilité en envoyant un paquet spécialement construit, afin de perturber l'application ou d'exécuter du code arbitraire à distance.
mDNSResponder : le problème est identique à celui présenté pour iChat mais n'affecterait que les versions au moins équivalentes à Mac OS X v10.4 ;
PPP : le démon PPP ne chargerait pas correctement certains modules au cours de son lancement en ligne de commandes, ce qui permettrait à une personne malveillante locale d'élever ses privilèges sur le système vulnérable ;
ruby : les vulnérabilités corrigées ont été présentées dans l'avis CERTA-2006-AVI-562 ;
screen : le service GNU Screen auraient plusieurs vulnérabilités exploitables par la ligne de commande screen, et qui provoqueraient sous certaines conditions un déni de service.
texinfo : une vulnérabilité permettrait d'élever ses privilèges à ceux de l'utilisateur utilisant texinfo afin de créer ou d'écraser des fichiers d'accès limité.
VPN : le démon vpnd ne manipulerait pas correctement certaines chaînes de caractères, permettant à un utilisateur local d'élever ses privilèges à ceux du système et d'exécuter du code arbitraire sur la machine.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Apple	N/A	Apple Mac OS X Server v10.3.9 ;
Apple	N/A	Apple Mac OS X v10.4.9 ;
Apple	N/A	Apple Mac OS X v10.3.9 ;
Apple	N/A	Apple Mac OS X Server v10.4.9.

References

Title

Publication Time

Tags

Avis de sécurité Apple 2007-005 305530 du 29 mai 2007	None	vendor-advisory
Bulletin de sécurité Apple du 29 mai 2007 :	-	other
Message dans la liste de diffusion GNU concernant GNU Screen paru en octobre 2006 :	-	other
Avis de sécurité Fetchmail associé SA-2007-01 du 18 mars 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Apple Mac OS X Server v10.3.9 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X v10.4.9 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X v10.3.9 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    },
    {
      "description": "Apple Mac OS X Server v10.4.9.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Apple",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans le syst\u00e8me\nd\u0027exploitation Mac OS X. Parmi celles-ci :\n\n-   Alias Manager : il existerait, sous certaines conditions, une\n    incoh\u00e9rence sur les noms de fichier lorsque deux images disque sont\n    mont\u00e9es. Cette vuln\u00e9rabilit\u00e9 pourrait \u00eatre exploit\u00e9e pour faire\n    ouvrir et/ou ex\u00e9cuter un fichier diff\u00e9rent de celui demand\u00e9 sur le\n    syst\u00e8me vuln\u00e9rable ;\n-   BIND : plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le serveur\n    DNS pour Mac OS X. Elles sont semblables \u00e0 celles d\u00e9crites dans les\n    avis CERTA-2006-AVI-385 et CERTA-2007-AVI-056 ;\n-   CoreGraphics : l\u0027application ne manipulerait pas correctement\n    certains fichiers au format PDF (pour Portable Document Format),\n    pouvant entra\u00eener l\u0027ex\u00e9cution de commande arbitraire \u00e0 distance ;\n-   crontabs : le gestionnaire de t\u00e2ches pourrait perturber le syst\u00e8me\n    de fichiers mont\u00e9 dans le r\u00e9pertoire /tmp, par le biais du script de\n    nettoyage journalier.\n-   fetchmail : une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans fetchmail permettrait de\n    r\u00e9cup\u00e9rer tout ou partie d\u0027un mot de passe \u00e9chang\u00e9 au cours de\n    l\u0027initialisation de la connexion POP3. Cette vuln\u00e9rabilit\u00e9 est\n    diff\u00e9rente de celle d\u00e9crite dans CERTA-2007-AVI-020.\n-   file : la commande file ne manipule pas correctement certains\n    fichiers, ce qui peut provoquer l\u0027interruption de la commande, voire\n    l\u0027ex\u00e9cution de code arbitraire sur le syst\u00e8me vuln\u00e9rable.\n-   iChat : l\u0027application de messagerie instantan\u00e9e ne g\u00e8re pas\n    correctement certains paquets UPnP IGD (pour Internet Gateway Device\n    Standardized Device Control Protocol). Une personne malveillante\n    distante peut ainsi exploiter cette vuln\u00e9rabilit\u00e9 en envoyant un\n    paquet sp\u00e9cialement construit, afin de perturber l\u0027application ou\n    d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n-   mDNSResponder : le probl\u00e8me est identique \u00e0 celui pr\u00e9sent\u00e9 pour\n    iChat mais n\u0027affecterait que les versions au moins \u00e9quivalentes \u00e0\n    Mac OS X v10.4 ;\n-   PPP : le d\u00e9mon PPP ne chargerait pas correctement certains modules\n    au cours de son lancement en ligne de commandes, ce qui permettrait\n    \u00e0 une personne malveillante locale d\u0027\u00e9lever ses privil\u00e8ges sur le\n    syst\u00e8me vuln\u00e9rable ;\n-   ruby : les vuln\u00e9rabilit\u00e9s corrig\u00e9es ont \u00e9t\u00e9 pr\u00e9sent\u00e9es dans l\u0027avis\n    CERTA-2006-AVI-562 ;\n-   screen : le service GNU Screen auraient plusieurs vuln\u00e9rabilit\u00e9s\n    exploitables par la ligne de commande screen, et qui provoqueraient\n    sous certaines conditions un d\u00e9ni de service.\n-   texinfo : une vuln\u00e9rabilit\u00e9 permettrait d\u0027\u00e9lever ses privil\u00e8ges \u00e0\n    ceux de l\u0027utilisateur utilisant texinfo afin de cr\u00e9er ou d\u0027\u00e9craser\n    des fichiers d\u0027acc\u00e8s limit\u00e9.\n-   VPN : le d\u00e9mon vpnd ne manipulerait pas correctement certaines\n    cha\u00eenes de caract\u00e8res, permettant \u00e0 un utilisateur local d\u0027\u00e9lever\n    ses privil\u00e8ges \u00e0 ceux du syst\u00e8me et d\u0027ex\u00e9cuter du code arbitraire\n    sur la machine.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2006-5467",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5467"
    },
    {
      "name": "CVE-2007-1558",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1558"
    },
    {
      "name": "CVE-2006-6303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-6303"
    },
    {
      "name": "CVE-2007-0751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0751"
    },
    {
      "name": "CVE-2007-1536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-1536"
    },
    {
      "name": "CVE-2007-0494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0494"
    },
    {
      "name": "CVE-2006-4096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4096"
    },
    {
      "name": "CVE-2007-2386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2386"
    },
    {
      "name": "CVE-2007-4573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4573"
    },
    {
      "name": "CVE-2007-0493",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0493"
    },
    {
      "name": "CVE-2007-0752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0752"
    },
    {
      "name": "CVE-2007-0750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0750"
    },
    {
      "name": "CVE-2007-2390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-2390"
    },
    {
      "name": "CVE-2007-0740",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0740"
    },
    {
      "name": "CVE-2006-4095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4095"
    },
    {
      "name": "CVE-2007-0753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-0753"
    },
    {
      "name": "CVE-2005-3011",
      "url": "https://www.cve.org/CVERecord?id=CVE-2005-3011"
    }
  ],
  "initial_release_date": "2007-05-30T00:00:00",
  "last_revision_date": "2007-05-30T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 29 mai 2007 :",
      "url": "http://docs.info.apple.com/article.html?artnum=305530"
    },
    {
      "title": "Message dans la liste de diffusion GNU concernant GNU    Screen paru en octobre 2006 :",
      "url": "http://lists.gnu.org/archive/html/screen-users/2006-10/msg00028.html"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 Fetchmail associ\u00e9 SA-2007-01 du 18 mars    2007 :",
      "url": "http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt"
    }
  ],
  "reference": "CERTA-2007-AVI-234",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-05-30T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es : elles concernent le\nsyst\u00e8me d\u0027exploitation Mac OS X. L\u0027exploitation de ces derni\u00e8res peut\navoir des cons\u00e9quences vari\u00e9es, comme l\u0027ex\u00e9cution de code arbitraire, ou\nun dysfonctionnement du syst\u00e8me vuln\u00e9rable.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Apple 2007-005 305530 du 29 mai 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-416

Vulnerability from certfr_avis - Published: 2007-09-24 - Updated: 2007-09-24

Une vulnérabilité dans le noyau Linux permet à un utilisateur local d'élever ses privilèges.

Description

Une vulnérabilité dans la mise en œuvre de l'appel système ptrace par le noyau Linux permet à un utilisateur local d'élever ses privilèges. La faille est relative à une mauvaise initialisation de registre sur une architecture x86_64 lors de la sortie d'un appel système ptrace en mode 32bit.

Solution

Les versions 2.4.35.3 et 2.6.22.7 du noyau Linux corrigent le problème :

http://www.kernel.org/pub/linux/kernel/v2.4/

http://www.kernel.org/pub/linux/kernel/v2.6/

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Linux kernel versions 2.6.22.6 et antérieures.
	N/A	N/A	Linux kernel versions 2.4.35.2 et antérieures ;

References

Title

Publication Time

Tags

Liste des changements apportés aux versions 2.4.35.3 et 2.6.22.7 du noyau Linux	None	vendor-advisory
Site du noyau Linux :	-	other
Liste des changements apportés à la version 2.4.35.3 du noyau Linux :	-	other
Liste des changements apportés à la version 2.6.22.7 du noyau Linux :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Linux kernel versions 2.6.22.6 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Linux kernel versions 2.4.35.2 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la mise en \u0153uvre de l\u0027appel syst\u00e8me ptrace par le\nnoyau Linux permet \u00e0 un utilisateur local d\u0027\u00e9lever ses privil\u00e8ges. La\nfaille est relative \u00e0 une mauvaise initialisation de registre sur une\narchitecture x86_64 lors de la sortie d\u0027un appel syst\u00e8me ptrace en mode\n32bit.\n\n## Solution\n\nLes versions 2.4.35.3 et 2.6.22.7 du noyau Linux corrigent le probl\u00e8me :\n\n    http://www.kernel.org/pub/linux/kernel/v2.4/\n\n    http://www.kernel.org/pub/linux/kernel/v2.6/\n",
  "cves": [
    {
      "name": "CVE-2007-4573",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4573"
    }
  ],
  "initial_release_date": "2007-09-24T00:00:00",
  "last_revision_date": "2007-09-24T00:00:00",
  "links": [
    {
      "title": "Site du noyau Linux :",
      "url": "http://www.kernel.org"
    },
    {
      "title": "Liste des changements apport\u00e9s \u00e0 la version 2.4.35.3 du    noyau Linux :",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/Changelog-2.4.35.3"
    },
    {
      "title": "Liste des changements apport\u00e9s \u00e0 la version 2.6.22.7 du    noyau Linux :",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.4/Changelog-2.6.22.7"
    }
  ],
  "reference": "CERTA-2007-AVI-416",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-09-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 dans le noyau Linux permet \u00e0 un utilisateur local\nd\u0027\u00e9lever ses privil\u00e8ges.\n",
  "title": "Vuln\u00e9rabilit\u00e9 du noyau Linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Liste des changements apport\u00e9s aux versions 2.4.35.3 et 2.6.22.7 du noyau Linux",
      "url": null
    }
  ]
}

GHSA-JQFP-QWQ6-6W3H

Vulnerability from github – Published: 2022-05-01 18:25 – Updated: 2022-05-01 18:25

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-4573"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-09-24T22:17:00Z",
    "severity": "HIGH"
  },
  "details": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.",
  "id": "GHSA-jqfp-qwq6-6w3h",
  "modified": "2022-05-01T18:25:07Z",
  "published": "2022-05-01T18:25:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-4573"
    },
    {
      "type": "WEB",
      "url": "https://issues.rpath.com/browse/RPL-1754"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
    },
    {
      "type": "WEB",
      "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
    },
    {
      "type": "WEB",
      "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lkml.org/lkml/2007/9/21/512"
    },
    {
      "type": "WEB",
      "url": "http://lkml.org/lkml/2007/9/21/513"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26917"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26919"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26934"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26953"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26955"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26978"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26994"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26995"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27212"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27227"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/27912"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/29058"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018748"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1378"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2007/dsa-1381"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2008/dsa-1504"
    },
    {
      "type": "WEB",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
    },
    {
      "type": "WEB",
      "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/25774"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/usn-518-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/3246"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2007-4573

Vulnerability from fkie_nvd - Published: 2007-09-24 22:17 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://fedoranews.org/updates/FEDORA-2007-229.shtml
secalert@redhat.com	http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
secalert@redhat.com	http://lkml.org/lkml/2007/9/21/512	Patch
secalert@redhat.com	http://lkml.org/lkml/2007/9/21/513
secalert@redhat.com	http://marc.info/?l=full-disclosure&m=119062587407908&w=2
secalert@redhat.com	http://secunia.com/advisories/26917
secalert@redhat.com	http://secunia.com/advisories/26919
secalert@redhat.com	http://secunia.com/advisories/26934
secalert@redhat.com	http://secunia.com/advisories/26953
secalert@redhat.com	http://secunia.com/advisories/26955
secalert@redhat.com	http://secunia.com/advisories/26978
secalert@redhat.com	http://secunia.com/advisories/26994
secalert@redhat.com	http://secunia.com/advisories/26995
secalert@redhat.com	http://secunia.com/advisories/27212
secalert@redhat.com	http://secunia.com/advisories/27227
secalert@redhat.com	http://secunia.com/advisories/27912
secalert@redhat.com	http://secunia.com/advisories/29058
secalert@redhat.com	http://securitytracker.com/id?1018748
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1378
secalert@redhat.com	http://www.debian.org/security/2007/dsa-1381
secalert@redhat.com	http://www.debian.org/security/2008/dsa-1504
secalert@redhat.com	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:195
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:008
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2008:105
secalert@redhat.com	http://www.novell.com/linux/security/advisories/2007_53_kernel.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0936.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0937.html
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2007-0938.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/480451/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/480705/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/25774
secalert@redhat.com	http://www.ubuntu.com/usn/usn-518-1
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/3246
secalert@redhat.com	https://issues.rpath.com/browse/RPL-1754
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735
secalert@redhat.com	https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html
af854a3a-2127-422b-91ae-364da2661108	http://fedoranews.org/updates/FEDORA-2007-229.shtml
af854a3a-2127-422b-91ae-364da2661108	http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lkml.org/lkml/2007/9/21/512	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lkml.org/lkml/2007/9/21/513
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=full-disclosure&m=119062587407908&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26917
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26919
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26934
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26953
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26955
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26978
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26994
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26995
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27212
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27227
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27912
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29058
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018748
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1378
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2007/dsa-1381
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1504
af854a3a-2127-422b-91ae-364da2661108	http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:195
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2007:196
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:008
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:105
af854a3a-2127-422b-91ae-364da2661108	http://www.novell.com/linux/security/advisories/2007_53_kernel.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0936.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0937.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2007-0938.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/480451/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/480705/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25774
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/usn-518-1
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3246
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1754
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html

Impacted products

	Vendor	Product	Version
	linux	linux_kernel	*
	linux	linux_kernel	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "58EF3270-25F7-44A1-806E-680B6D406B1F",
              "versionEndIncluding": "2.4.35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "C6C3F3CA-3C63-40C1-9BE1-27489B5AC24F",
              "versionEndIncluding": "2.6.22.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register."
    },
    {
      "lang": "es",
      "value": "La funcionalidad de emulaci\u00f3n de llamada del sistema IA32 en Linux kernel 2.4.x y 2.6.x versiones anteriores a 2.6.22.7, cuando se ejecuta en arquitecturas x86_64, no extiende a cero el registro eax despu\u00e9s de ser usada una ruta de entrada 32bit en ptrace, lo cual podr\u00eda permitir a usuarios locales, obtener privilegios al disparar un acceso fuera de l\u00edmites en la tabla de llamadas del sistema utilizando el registro %RAX."
    }
  ],
  "id": "CVE-2007-4573",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-09-24T22:17:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://lkml.org/lkml/2007/9/21/512"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lkml.org/lkml/2007/9/21/513"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26917"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26919"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26934"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26953"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26955"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26978"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26994"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/26995"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27212"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27227"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/27912"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/29058"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1018748"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1378"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2007/dsa-1381"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2008/dsa-1504"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/25774"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/usn-518-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/3246"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://issues.rpath.com/browse/RPL-1754"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://lkml.org/lkml/2007/9/21/512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lkml.org/lkml/2007/9/21/513"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26953"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/26995"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27212"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27227"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/27912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018748"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2007/dsa-1381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1504"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25774"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/usn-518-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1754"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "This issue affected users who were running 64-bit versions of Red Hat Enterprise Linux 3, 4, or 5 on x86_64 architecture.  It did not affect users of Red Hat Enterprise Linux 2.1. \n\nUpdates are available for Red Hat Enterprise Linux 3, 4, and 5 to correct\nthis issue.  New kernel packages along with our advisory are available at\nthe URL below as well as via the Red Hat Network. http://rhn.redhat.com/errata/CVE-2007-4573.html\n",
      "lastModified": "2007-09-27T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2007-4573

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-4573

Aliases

CVE-2007-4573

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-4573",
    "description": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.",
    "id": "GSD-2007-4573",
    "references": [
      "https://www.suse.com/security/cve/CVE-2007-4573.html",
      "https://www.debian.org/security/2008/dsa-1504",
      "https://www.debian.org/security/2007/dsa-1381",
      "https://www.debian.org/security/2007/dsa-1378",
      "https://access.redhat.com/errata/RHSA-2007:0938",
      "https://access.redhat.com/errata/RHSA-2007:0937",
      "https://access.redhat.com/errata/RHSA-2007:0936",
      "https://linux.oracle.com/cve/CVE-2007-4573.html",
      "https://packetstormsecurity.com/files/cve/CVE-2007-4573"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-4573"
      ],
      "details": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.",
      "id": "GSD-2007-4573",
      "modified": "2023-12-13T01:21:36.375207Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2007-4573",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/advisories/29058",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/29058"
          },
          {
            "name": "http://www.debian.org/security/2008/dsa-1504",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2008/dsa-1504"
          },
          {
            "name": "http://secunia.com/advisories/27227",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27227"
          },
          {
            "name": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html",
            "refsource": "MISC",
            "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
          },
          {
            "name": "http://secunia.com/advisories/27912",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27912"
          },
          {
            "name": "http://secunia.com/advisories/27212",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/27212"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
          },
          {
            "name": "http://secunia.com/advisories/26955",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26955"
          },
          {
            "name": "http://secunia.com/advisories/26978",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26978"
          },
          {
            "name": "http://www.debian.org/security/2007/dsa-1378",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2007/dsa-1378"
          },
          {
            "name": "http://www.ubuntu.com/usn/usn-518-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/usn-518-1"
          },
          {
            "name": "http://secunia.com/advisories/26994",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26994"
          },
          {
            "name": "http://www.debian.org/security/2007/dsa-1381",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2007/dsa-1381"
          },
          {
            "name": "http://fedoranews.org/updates/FEDORA-2007-229.shtml",
            "refsource": "MISC",
            "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
          },
          {
            "name": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3",
            "refsource": "MISC",
            "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
          },
          {
            "name": "http://lkml.org/lkml/2007/9/21/512",
            "refsource": "MISC",
            "url": "http://lkml.org/lkml/2007/9/21/512"
          },
          {
            "name": "http://lkml.org/lkml/2007/9/21/513",
            "refsource": "MISC",
            "url": "http://lkml.org/lkml/2007/9/21/513"
          },
          {
            "name": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2",
            "refsource": "MISC",
            "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
          },
          {
            "name": "http://secunia.com/advisories/26917",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26917"
          },
          {
            "name": "http://secunia.com/advisories/26919",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26919"
          },
          {
            "name": "http://secunia.com/advisories/26934",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26934"
          },
          {
            "name": "http://secunia.com/advisories/26953",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26953"
          },
          {
            "name": "http://secunia.com/advisories/26995",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/26995"
          },
          {
            "name": "http://securitytracker.com/id?1018748",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1018748"
          },
          {
            "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7",
            "refsource": "MISC",
            "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0936.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0937.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2007-0938.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/480451/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/480705/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/25774",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/25774"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/3246",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/3246"
          },
          {
            "name": "https://issues.rpath.com/browse/RPL-1754",
            "refsource": "MISC",
            "url": "https://issues.rpath.com/browse/RPL-1754"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
          },
          {
            "name": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html",
            "refsource": "MISC",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:x86_64:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.6.22.6",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:x86_64:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.4.35",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2007-4573"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070924 COSEINC Linux Advisory #2: IA32 System Call",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://marc.info/?l=full-disclosure\u0026m=119062587407908\u0026w=2"
            },
            {
              "name": "[linux-kernel] 20070921 Linux 2.6.22.7",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://lkml.org/lkml/2007/9/21/512"
            },
            {
              "name": "[linux-kernel] 20070921 Re: Linux 2.6.22.7",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://lkml.org/lkml/2007/9/21/513"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"
            },
            {
              "name": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1754",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.rpath.com/browse/RPL-1754"
            },
            {
              "name": "DSA-1381",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1381"
            },
            {
              "name": "DSA-1378",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2007/dsa-1378"
            },
            {
              "name": "FEDORA-2007-712",
              "refsource": "FEDORA",
              "tags": [],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"
            },
            {
              "name": "FEDORA-2007-2298",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://fedoranews.org/updates/FEDORA-2007-229.shtml"
            },
            {
              "name": "MDKSA-2007:196",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"
            },
            {
              "name": "MDKSA-2007:195",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"
            },
            {
              "name": "RHSA-2007:0936",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0936.html"
            },
            {
              "name": "RHSA-2007:0937",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0937.html"
            },
            {
              "name": "RHSA-2007:0938",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0938.html"
            },
            {
              "name": "SUSE-SA:2007:053",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://www.novell.com/linux/security/advisories/2007_53_kernel.html"
            },
            {
              "name": "SUSE-SA:2007:064",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"
            },
            {
              "name": "USN-518-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/usn-518-1"
            },
            {
              "name": "25774",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/25774"
            },
            {
              "name": "1018748",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1018748"
            },
            {
              "name": "26919",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26919"
            },
            {
              "name": "26934",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26934"
            },
            {
              "name": "26953",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26953"
            },
            {
              "name": "26955",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26955"
            },
            {
              "name": "26917",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26917"
            },
            {
              "name": "26978",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26978"
            },
            {
              "name": "26995",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26995"
            },
            {
              "name": "26994",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/26994"
            },
            {
              "name": "27212",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27212"
            },
            {
              "name": "27227",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27227"
            },
            {
              "name": "27912",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/27912"
            },
            {
              "name": "MDVSA-2008:008",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"
            },
            {
              "name": "DSA-1504",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2008/dsa-1504"
            },
            {
              "name": "29058",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/29058"
            },
            {
              "name": "MDVSA-2008:105",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"
            },
            {
              "name": "ADV-2007-3246",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/3246"
            },
            {
              "name": "oval:org.mitre.oval:def:9735",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"
            },
            {
              "name": "20070926 Re: COSEINC Linux Advisory #2: IA32 System CallEmulation Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/480705/100/0/threaded"
            },
            {
              "name": "20070924 COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/480451/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-15T21:36Z",
      "publishedDate": "2007-09-24T22:17Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-4573 (GCVE-0-2007-4573)

CERTA-2007-AVI-234

Description

Solution

CERTA-2007-AVI-416

Description

Solution

GHSA-JQFP-QWQ6-6W3H

FKIE_CVE-2007-4573

GSD-2007-4573

Tags

Sightings

Nomenclature