CVE-2016-3672 in Androidinfo

Zusammenfassung (Englisch)

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservieren

25.03.2016

Veröffentlichung

27.04.2016

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
90522	Google Android Kernel Memory erweiterte Rechte	254	Proof-of-Concept	Offizieller Fix	CVE-2016-3672
81887	Linux Kernel RLIMIT_STACK erweiterte Rechte	254	Proof-of-Concept	Offizieller Fix	CVE-2016-3672

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!