oss-sec mailing list archives
Re: CVE request -- kernel: execshield: predictable ascii armour base address
From: Eugene Teo <eugene () redhat com>
Date: Tue, 20 Mar 2012 21:10:33 +0800
On 03/20/2012 06:20 PM, Petr Matousek wrote:
When running a binary with a lot of shared libraries, predictable base address is used for one of the loaded libraries. This flaw could be used to bypass ASLR. References: http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html https://bugzilla.redhat.com/show_bug.cgi?id=804947
Use CVE-2012-1568. Eugene
Current thread:
- CVE request -- kernel: execshield: predictable ascii armour base address Petr Matousek (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Eugene Teo (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Nick Kralevich (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Marcus Meissner (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Petr Matousek (Mar 21)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Kurt Seifried (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Nick Kralevich (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Eugene Teo (Mar 20)