Back to search
CVE-2001-0268
Published: May 7, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
CSSA-2001-SCO.35
vendor-advisory
x_refsource_CALDERA
NetBSD-SA:2001-002
vendor-advisory
x_refsource_NETBSD
VU#358960
third-party-advisory
x_refsource_CERT-VN
user-ldt-validation(6222)
vdb-entry
x_refsource_XF
2739
vdb-entry
x_refsource_BID
20010302 The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory.
vendor-advisory
x_refsource_OPENBSD
20010219 Re: your mail
mailing-list
x_refsource_BUGTRAQ
6141
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now