Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 11 Mar 2013 13:25:57 -0700
From: Kees Cook <keescook@...omium.org>
To: oss-security@...ts.openwall.com
Subject: CVE-2013-0914 Linux kernel sa_restorer information leak

The sa_restorer field is not cleared across exec, allowing parent ASLR
information to leak to children.

https://lkml.org/lkml/2013/3/11/498

-Kees

-- 
Kees Cook
Chrome OS Security

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ