Re: CVE request -- kernel: execshield: predictable ascii armour base address

[Marcus Meissner <meissner () suse de>]

Hi,

There are also 4 seperate issues in Chris blogpost.


CVEs are sometimes assigned if security preconditions are not met,
or are too weak. (like if you would have a password hashing algorithm
without salt ... while it works per-se, it is too weak)


Ciao, Marcus

On Tue, Mar 20, 2012 at 09:01:39AM -0700, Nick Kralevich wrote:
> Can someone explain to me why this is worthy of a CVE? I can see this as a
> bug of course.  But a "vulnerability"?
>
> This bug, by itself, does not cause a vulnerability. It just makes
> vulnerabilities easier to exploit. I'm not sure this is worthy of a CVE
> unless we're willing to assign CVEs to all fixed address allocations.
>
> -- Nick
>
> On Tue, Mar 20, 2012 at 6:10 AM, Eugene Teo <eugene () redhat com> wrote:
>
> > On 03/20/2012 06:20 PM, Petr Matousek wrote:
> > > When running a binary with a lot of shared libraries, predictable base
> > > address is used for one of the loaded libraries.
> > >
> > > This flaw could be used to bypass ASLR.
> > >
> > > References:
> > http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html
> > > https://bugzilla.redhat.com/show_bug.cgi?id=804947
> >
> > Use CVE-2012-1568.
> >
> > Eugene
>
>
>
> -- 
> Nick Kralevich | Android Security | nnk () google com | 650.214.4037

-- 
Working, but not speaking, for the following german company:
SUSE LINUX Products GmbH, HRB 16746 (AG Nuernberg)
Geschaeftsfuehrer: Jeff Hawn, Jennifer Guild, Felix Imendoerffer