The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel up to and including 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
linux linux kernel |
||
redhat enterprise linux desktop 7.0 |
||
redhat enterprise linux workstation 7.0 |
||
redhat enterprise linux server 7.0 |
||
redhat enterprise linux aus 6.6 |
||
redhat enterprise linux server eus 7.2 |
||
redhat enterprise linux server eus 7.1 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux eus 6.6 |
||
redhat enterprise linux server tus 7.3 |
||
redhat enterprise linux server aus 7.3 |
||
redhat enterprise linux server aus 7.4 |
||
redhat enterprise linux server eus 7.3 |
||
redhat enterprise linux server eus 7.4 |
||
redhat enterprise linux server eus 7.5 |
||
redhat enterprise linux server tus 7.6 |
||
redhat enterprise linux server eus 7.6 |
||
redhat enterprise linux server aus 7.6 |
||
redhat enterprise linux server tus 6.6 |
||
redhat enterprise linux server eus 7.7 |
||
redhat enterprise linux server aus 7.7 |
||
redhat enterprise linux server tus 7.7 |
||
suse linux enterprise server 11 |
||
opensuse evergreen 11.4 |
||
suse linux enterprise real time extension 11 |
||
suse linux enterprise workstation extension 12 |
||
opensuse opensuse 13.1 |
||
suse linux enterprise server 12 |
||
suse linux enterprise software development kit 12 |
||
suse linux enterprise desktop 12 |
||
fedoraproject fedora 21 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 14.10 |
||
canonical ubuntu linux 14.04 |
Vulmon