oss-sec mailing list archives
CVE request -- kernel: execshield: predictable ascii armour base address
From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 20 Mar 2012 11:20:01 +0100
When running a binary with a lot of shared libraries, predictable base address is used for one of the loaded libraries. This flaw could be used to bypass ASLR. References: http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html https://bugzilla.redhat.com/show_bug.cgi?id=804947 Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE request -- kernel: execshield: predictable ascii armour base address Petr Matousek (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Eugene Teo (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Nick Kralevich (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Marcus Meissner (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Petr Matousek (Mar 21)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Kurt Seifried (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Nick Kralevich (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Eugene Teo (Mar 20)