|Bugzilla:||294541: CVE-2007-4573 x86_64 syscall vulnerability|
The MITRE CVE dictionary describes this issue as:
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 188.8.131.52, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register.
This issue affected users who were running 64-bit versions of Red Hat Enterprise Linux 3, 4, or 5 on x86_64 architecture. It did not affect users of Red Hat Enterprise Linux 2.1.
Updates are available for Red Hat Enterprise Linux 3, 4, and 5 to correct this issue. New kernel packages along with our advisory are available at the URL below as well as via the Red Hat Network. http://rhn.redhat.com/errata/CVE-2007-4573.html
Red Hat security errata
|Red Hat Enterprise Linux version 3 (kernel)||RHSA-2007:0938||September 27, 2007|
|Red Hat Enterprise Linux version 4 (kernel)||RHSA-2007:0937||September 27, 2007|
|Red Hat Enterprise Linux version 5 (kernel)||RHSA-2007:0936||September 27, 2007|
Red Hat would like to thank Wojciech Purczynski for reporting this issue.
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.