** Changed in: linux-lts-raring (Ubuntu Precise)
Status: New => Invalid
** Description changed:
- PIE bypass using VDSO ASLR weakness
+ The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel
+ through 3.18.2 does not properly choose memory locations for the vDSO
+ area, which makes it easier for local users to bypass the ASLR
+ protection mechanism by guessing a location at the end of a PMD.
Break-Fix: - 394f56fe480140877304d342dec46d50dc823d46
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1409811
Title:
CVE-2014-9585
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1409811/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
