oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request -- kernel: execshield: predictable ascii armour base address

From: Eugene Teo <eugene () redhat com>
Date: Tue, 20 Mar 2012 21:10:33 +0800
On 03/20/2012 06:20 PM, Petr Matousek wrote:

When running a binary with a lot of shared libraries, predictable base
address is used for one of the loaded libraries.

This flaw could be used to bypass ASLR.

References:
http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html
https://bugzilla.redhat.com/show_bug.cgi?id=804947


Use CVE-2012-1568.

Eugene
Previous By Date Next
Previous By Thread Next

Current thread: