When the new signal handlers are set up, the location of sa_restorer
is not cleared, leaking a parent process's address space location to
children. This allows for a potential bypass of the parent's ASLR by
examining the sa_restorer value returned when calling sigaction().
Based on what should be