{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-09-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-15T20:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2007:0937","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2007-0937.html"},{"name":"27212","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27212"},{"name":"27227","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27227"},{"name":"RHSA-2007:0938","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2007-0938.html"},{"name":"SUSE-SA:2007:053","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://www.novell.com/linux/security/advisories/2007_53_kernel.html"},{"name":"1018748","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1018748"},{"name":"26953","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26953"},{"name":"FEDORA-2007-2298","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://fedoranews.org/updates/FEDORA-2007-229.shtml"},{"name":"20070924 COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/480451/100/0/threaded"},{"name":"26978","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26978"},{"name":"[linux-kernel] 20070921 Linux 2.6.22.7","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lkml.org/lkml/2007/9/21/512"},{"name":"26934","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26934"},{"name":"26994","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26994"},{"name":"26995","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26995"},{"name":"DSA-1504","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2008/dsa-1504"},{"name":"25774","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/25774"},{"name":"MDVSA-2008:008","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"},{"name":"26919","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26919"},{"name":"27912","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/27912"},{"name":"USN-518-1","tags":["vendor-advisory","x_refsource_UBUNTU"],"url":"http://www.ubuntu.com/usn/usn-518-1"},{"name":"ADV-2007-3246","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/3246"},{"name":"[linux-kernel] 20070921 Re: Linux 2.6.22.7","tags":["mailing-list","x_refsource_MLIST"],"url":"http://lkml.org/lkml/2007/9/21/513"},{"name":"20070926 Re: COSEINC Linux Advisory #2: IA32 System CallEmulation Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/480705/100/0/threaded"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"},{"name":"oval:org.mitre.oval:def:9735","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"},{"name":"FEDORA-2007-712","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"},{"name":"DSA-1381","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2007/dsa-1381"},{"name":"20070924 COSEINC Linux Advisory #2: IA32 System Call","tags":["mailing-list","x_refsource_FULLDISC"],"url":"http://marc.info/?l=full-disclosure&m=119062587407908&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"},{"name":"MDKSA-2007:196","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"},{"name":"MDVSA-2008:105","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"},{"name":"SUSE-SA:2007:064","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"},{"name":"RHSA-2007:0936","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2007-0936.html"},{"name":"26955","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26955"},{"name":"29058","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/29058"},{"tags":["x_refsource_CONFIRM"],"url":"https://issues.rpath.com/browse/RPL-1754"},{"name":"26917","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/26917"},{"name":"DSA-1378","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2007/dsa-1378"},{"name":"MDKSA-2007:195","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T15:01:09.784Z"},"title":"CVE Program Container","references":[{"name":"RHSA-2007:0937","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2007-0937.html"},{"name":"27212","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27212"},{"name":"27227","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27227"},{"name":"RHSA-2007:0938","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2007-0938.html"},{"name":"SUSE-SA:2007:053","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://www.novell.com/linux/security/advisories/2007_53_kernel.html"},{"name":"1018748","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1018748"},{"name":"26953","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26953"},{"name":"FEDORA-2007-2298","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://fedoranews.org/updates/FEDORA-2007-229.shtml"},{"name":"20070924 COSEINC Linux Advisory #2: IA32 System Call Emulation Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/480451/100/0/threaded"},{"name":"26978","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26978"},{"name":"[linux-kernel] 20070921 Linux 2.6.22.7","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lkml.org/lkml/2007/9/21/512"},{"name":"26934","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26934"},{"name":"26994","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26994"},{"name":"26995","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26995"},{"name":"DSA-1504","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2008/dsa-1504"},{"name":"25774","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/25774"},{"name":"MDVSA-2008:008","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:008"},{"name":"26919","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26919"},{"name":"27912","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/27912"},{"name":"USN-518-1","tags":["vendor-advisory","x_refsource_UBUNTU","x_transferred"],"url":"http://www.ubuntu.com/usn/usn-518-1"},{"name":"ADV-2007-3246","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/3246"},{"name":"[linux-kernel] 20070921 Re: Linux 2.6.22.7","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://lkml.org/lkml/2007/9/21/513"},{"name":"20070926 Re: COSEINC Linux Advisory #2: IA32 System CallEmulation Vulnerability","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/480705/100/0/threaded"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.7"},{"name":"oval:org.mitre.oval:def:9735","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9735"},{"name":"FEDORA-2007-712","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00355.html"},{"name":"DSA-1381","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2007/dsa-1381"},{"name":"20070924 COSEINC Linux Advisory #2: IA32 System Call","tags":["mailing-list","x_refsource_FULLDISC","x_transferred"],"url":"http://marc.info/?l=full-disclosure&m=119062587407908&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.35.3"},{"name":"MDKSA-2007:196","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:196"},{"name":"MDVSA-2008:105","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:105"},{"name":"SUSE-SA:2007:064","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2007-12/msg00001.html"},{"name":"RHSA-2007:0936","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2007-0936.html"},{"name":"26955","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26955"},{"name":"29058","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/29058"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://issues.rpath.com/browse/RPL-1754"},{"name":"26917","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/26917"},{"name":"DSA-1378","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2007/dsa-1378"},{"name":"MDKSA-2007:195","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:195"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2007-4573","datePublished":"2007-09-24T22:00:00.000Z","dateReserved":"2007-08-28T00:00:00.000Z","dateUpdated":"2024-08-07T15:01:09.784Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}