Date: Tue, 03 Mar 2015 15:52:10 +0100 From: Hector Marco <hecmargi@....es> To: cve-assign@...re.org, oss-security@...ts.openwall.com Subject: Re: CVE-Request: Linux ASLR mmap weakness: Reducing entropy by half Hello Mitre, Any update about this issue ? El 18/02/15 a las 12:01, Hector Marco escribió: > Hi, > > A bug in Linux ASLR implementation for versions prior to 3.19 has been found. > The issue is that the mmap area for processes is not properly randomized on some > architectures. > > Affected systems have reduced the mmap base area entropy of the processes by half. > > > Details at: > http://hmarco.org/bugs/linux-ASLR-reducing-mmap-by-half.html > > > > Could you please assign a CVE-ID for this? > > > > Hector Marco. > http://hmarco.org > > Cyber-security researcher at > http://cybersecurity.upv.es/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ