Multiple Vendor Call Gate Creation Input Validation Vulnerability

In some i386 operating systems, the mechanisms for setting LDT entries contain an input validation error that can be exploited when creating call gates. By default on NetBSD and Solaris systems, it may be possible for users to create malicious LDT entries resulting in kernel code at arbitrary addresses being executed when the procedure is called. It has been reported that OpenBSD contains this vulnerability, however it is not present in default kernels.

It is likely that this vulnerability can be used to gain root privileges.


Privacy Statement
Copyright 2010, SecurityFocus