diff options
| author | Ben Hutchings <ben@decadent.org.uk> | 2019-04-25 21:53:08 +0100 |
|---|---|---|
| committer | Ben Hutchings <ben@decadent.org.uk> | 2019-04-25 21:53:08 +0100 |
| commit | 9f794083fda07a0f815cfba62761942b5b4d751e (patch) | |
| tree | faa9f28cc75849523631a450d6155bce0ef62bdd /retired/CVE-2019-11191 | |
| parent | d98b5dfcad9328b959c258b480dec33c85c7e108 (diff) | |
Mark CVE-2019-11191 invalid and retire it
Diffstat (limited to 'retired/CVE-2019-11191')
| -rw-r--r-- | retired/CVE-2019-11191 | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/retired/CVE-2019-11191 b/retired/CVE-2019-11191 new file mode 100644 index 00000000..3ce055f8 --- /dev/null +++ b/retired/CVE-2019-11191 @@ -0,0 +1,16 @@ +Description: ASLR bypass for setuid binaries (for fs/binfmt_aout.c) +References: + https://www.openwall.com/lists/oss-security/2019/04/03/4 + https://www.openwall.com/lists/oss-security/2019/04/03/4/1 +Notes: + carnil> CVE is for the issue in binfmt_aout.c specifically. + carnil> Upstream plans to deprecate a.out format. + bwh> Only ELF supports ASLR. +Bugs: +upstream: N/A "Invalid" +4.19-upstream-stable: N/A "Invalid" +4.9-upstream-stable: N/A "Invalid" +3.16-upstream-stable: N/A "Invalid" +sid: N/A "Invalid" +4.9-stretch-security: N/A "Invalid" +3.16-jessie-security: N/A "Invalid" |