Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request -- kernel: execshield: predictable ascii armour base address
From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 20 Mar 2012 11:20:01 +0100

When running a binary with a lot of shared libraries, predictable base
address is used for one of the loaded libraries.

This flaw could be used to bypass ASLR.

References:
http://scarybeastsecurity.blogspot.com/2012/03/some-random-observations-on-linux-aslr.html
https://bugzilla.redhat.com/show_bug.cgi?id=804947

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]