Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - Linux kernel: weakness of ASLR on AMD Bulldozer

April 2015 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can use a weakness of ASLR of the Linux kernel on AMD
Bulldozer processors, in order to more easily guess a memory
address.

Impacted products: Linux

Severity: 1/4

Creation date: 27/03/2015

DESCRIPTION OF THE VULNERABILITY

Systems use ASLR in order to randomize memory addresses used by
programs and libraries.

The arch_get_unmapped_area() function of the
arch/x86/kernel/sys_x86_64.c contains an optimization for AMD
Bulldozer processors. However, the alignment management truncates
the number of used random bits.

An attacker can therefore use a weakness of ASLR of the Linux
kernel on AMD Bulldozer processors, in order to more easily guess
a memory address.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/Linux-kernel-weakness-of-ASLR-on-AMD-Bulldozer-16484


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts