----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Linux Kernel 64bit ABI System Call Parameter Sign Extension Security
Issue

SECUNIA ADVISORY ID:
SA33477

VERIFY ADVISORY:
http://secunia.com/advisories/33477/

CRITICAL:
Less critical

IMPACT:
Privilege escalation, DoS

WHERE:
Local system

OPERATING SYSTEM:
Linux Kernel 2.6.x
http://secunia.com/advisories/product/2719/

DESCRIPTION:
A security issue has been reported in the Linux Kernel, which can be
exploited by malicious, local users to potentially cause a DoS
(Denial of Service) or gain escalated privileges.

The security issue is caused due to the kernel accepting certain
32bit parameters passed in a 64bit register from userspace without
ensuring that the value is correctly sign extended. This may be
exploited to crash a system or potentially gain escalated privileges
by passing specially crafted parameters to affected system calls.

Reportedly, the following architectures use a vulnerable ABI system
when running a 64bit kernel and a 64bit userspace:
* S390
* PowerPC
* SPARC64
* MIPS

SOLUTION:
Restrict access to trusted users only.

PROVIDED AND/OR DISCOVERED BY:
Red Hat credits Christian Borntraeger.

ORIGINAL ADVISORY:
https://bugzilla.redhat.com/show_bug.cgi?id=479969

OTHER REFERENCES:
http://marc.info/?l=linux-kernel&m=123155111608910&w=2

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------