Описание
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process. This enables a local attacker to learn the memory layout of a setuid executable allowing mitigation of ASLR.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 6 | kernel | Will not fix | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Affected | ||
| Red Hat Enterprise MRG 2 | realtime-kernel | Affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2018:0676 | 10.04.2018 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2018:1062 | 10.04.2018 |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
The move_pages system call in mm/migrate.c in the Linux kernel before ...
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
ELSA-2018-4025: Unbreakable Enterprise kernel security update (IMPORTANT)
EPSS
3.3 Low
CVSS3