retired/CVE-2016-3672


1
2
3
4
5
6
7
8
9
10
11
12
13
14

Description: Unlimiting the stack disables ASLR on i386
References:
 http://hmarco.org/bugs/CVE-2016-3672-Unlimiting-the-stack-not-longer-disables-ASLR.html
Notes:
 bwh> This problem has been known for a long time; I don't know why it got
 bwh> a 2016 CVE ID.  There is some risk of regression so we should
 bwh> probably wait a while before backporting.
Bugs:
upstream: released (4.6-rc1) [8b8addf891de8a00e4d39fc32f93f7c5eb8feceb]
3.16-upstream-stable: released (3.16.35) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
3.2-upstream-stable: released (3.2.80) [x86-standardize-mmap_rnd-usage.patch, x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
sid: released (4.5.1-1) [bugfix/all/x86-mm-32-enable-full-randomization-on-i386-and-x86_.patch]
3.16-jessie-security: released (3.16.7-ckt25-2+deb8u1) [bugfix/x86/x86-standardize-mmap_rnd-usage.patch, bugfix/x86/x86-mm-32-enable-full-randomization-on-i386-and-x86_32.patch]
3.2-wheezy-security: released (3.2.81-1)