Vulnerability Name: | CCN-99159 | ||||||
Published: | 2014-12-04 | ||||||
Updated: | 2014-12-04 | ||||||
Summary: | Linux Kernel could allow a remote attacker to bypass security restrictions, caused by failing to properly use Address Space Layout Randomization (ASLR). An attacker could exploit this vulnerability to bypass ASLR protection mechanisms and launch further attacks on the system. | ||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||
CVSS v2 Severity: | 2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N) 1.8 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:U/RC:UR)
| ||||||
Vulnerability Consequences: | Bypass Security | ||||||
References: | Source: CCN Type: oss-security Mailing List, Thu, 04 Dec 2014 21:19:04 +0100 Offset2lib: bypassing full ASLR on 64bit Linux Source: CCN Type: The Linux Kernel Archives Web site The Linux Kernel Archives Source: CCN Type: BID-71494 Linux Kernel ASLR Security Bypass Weakness Source: XF Type: UNKNOWN linux-kernel-aslr-sec-bypass(99159) Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [12-05-2014] | ||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
BACK |