oss-sec mailing list archives
Re: CVE request -- kernel: execshield: predictable ascii armour base address
From: Marcus Meissner <meissner () suse de>
Date: Tue, 20 Mar 2012 17:22:32 +0100
Hi, There are also 4 seperate issues in Chris blogpost. CVEs are sometimes assigned if security preconditions are not met, or are too weak. (like if you would have a password hashing algorithm without salt ... while it works per-se, it is too weak) Ciao, Marcus On Tue, Mar 20, 2012 at 09:01:39AM -0700, Nick Kralevich wrote:
Can someone explain to me why this is worthy of a CVE? I can see this as a bug of course. But a "vulnerability"? This bug, by itself, does not cause a vulnerability. It just makes vulnerabilities easier to exploit. I'm not sure this is worthy of a CVE unless we're willing to assign CVEs to all fixed address allocations. -- Nick On Tue, Mar 20, 2012 at 6:10 AM, Eugene Teo <eugene () redhat com> wrote:On 03/20/2012 06:20 PM, Petr Matousek wrote:When running a binary with a lot of shared libraries, predictable base address is used for one of the loaded libraries. This flaw could be used to bypass ASLR. References:http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=804947Use CVE-2012-1568. Eugene-- Nick Kralevich | Android Security | nnk () google com | 650.214.4037
-- Working, but not speaking, for the following german company: SUSE LINUX Products GmbH, HRB 16746 (AG Nuernberg) Geschaeftsfuehrer: Jeff Hawn, Jennifer Guild, Felix Imendoerffer
Current thread:
- CVE request -- kernel: execshield: predictable ascii armour base address Petr Matousek (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Eugene Teo (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Nick Kralevich (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Marcus Meissner (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Petr Matousek (Mar 21)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Kurt Seifried (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Nick Kralevich (Mar 20)
- Re: CVE request -- kernel: execshield: predictable ascii armour base address Eugene Teo (Mar 20)