blob: 3ce055f8aec807c9758ec99564024ddd40f0cd5f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
Description: ASLR bypass for setuid binaries (for fs/binfmt_aout.c)
References:
https://www.openwall.com/lists/oss-security/2019/04/03/4
https://www.openwall.com/lists/oss-security/2019/04/03/4/1
Notes:
carnil> CVE is for the issue in binfmt_aout.c specifically.
carnil> Upstream plans to deprecate a.out format.
bwh> Only ELF supports ASLR.
Bugs:
upstream: N/A "Invalid"
4.19-upstream-stable: N/A "Invalid"
4.9-upstream-stable: N/A "Invalid"
3.16-upstream-stable: N/A "Invalid"
sid: N/A "Invalid"
4.9-stretch-security: N/A "Invalid"
3.16-jessie-security: N/A "Invalid"
|