Note:
This project will be discontinued after December 13, 2021. [more]
2017-09-05
The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.
Products | Linux_kernel |
Type | Information Exposure (CWE-200) |
First patch |
https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9 |
Relevant file/s | ./mm/migrate.c (modified, +3, -8) |
Links |
• https://access.redhat.com/errata/RHSA-2018:1062
• https://usn.ubuntu.com/3583-2/ • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9 • https://access.redhat.com/errata/RHSA-2018:0676 • http://www.securityfocus.com/bid/100876 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: