We have fixed an old and very known weakness in the Linux ASLR implementation.
The weakness allowed any user able to running 32-bit applications in a x86
machine disable the ASLR by setting the RLIMIT_STACK resource to unlimited.
This is a very old trick to disable ASLR, but unfortunately it was still present
in current Linux systems.
Details at:
http://hmarco.org/bugs/CVE-
Best,
Hector.
Komentarų nėra:
Rašyti komentarą