Description: ASLR bypass for setuid binaries (for fs/binfmt_aout.c) References: https://www.openwall.com/lists/oss-security/2019/04/03/4 https://www.openwall.com/lists/oss-security/2019/04/03/4/1 Notes: carnil> CVE is for the issue in binfmt_aout.c specifically. carnil> Upstream plans to deprecate a.out format. bwh> Only ELF supports ASLR. Bugs: upstream: N/A "Invalid" 4.19-upstream-stable: N/A "Invalid" 4.9-upstream-stable: N/A "Invalid" 3.16-upstream-stable: N/A "Invalid" sid: N/A "Invalid" 4.9-stretch-security: N/A "Invalid" 3.16-jessie-security: N/A "Invalid"