The flush_signal_handlers function in kernel/signal.c in the Linux kernel prior to 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 3.8.2 |
||
linux linux kernel 3.8.0 |
||
linux linux kernel |
||
linux linux kernel 3.8.1 |