Linux Kernel ASLR Security Bypass Weakness

The Linux kernel is prone to a security-bypass weakness that may cause a library to use a predictable base address.

This weakness may allow attackers to predict the base address of a library in certain circumstances and in turn bypass Address Space Layout Randomization (ASLR) protection mechanisms of applications. This may aid in further attacks that may lead to arbitrary code execution.

The issue is fixed in Fedora Linux Kernel 3.3.0-4.fc16.


 

Privacy Statement
Copyright 2010, SecurityFocus