Lucene search

K
cveRedhatCVE-2012-1568
HistoryMar 01, 2013 - 5:40 a.m.

CVE-2012-1568

2013-03-0105:40:15
redhat
web.nvd.nist.gov
57
red hat
linux
kernel
patch
vulnerability
aslr
bypass
cve-2012-1568
nvd

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

26.0%

The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries.

Affected configurations

Nvd
Node
fedoraprojectfedoraMatch15
OR
fedoraprojectfedoraMatch16
OR
redhatenterprise_linuxMatch5
OR
redhatenterprise_linuxMatch6.0
VendorProductVersionCPE
fedoraprojectfedora15cpe:/o:fedoraproject:fedora:15:::
redhatenterprise_linux5cpe:/o:redhat:enterprise_linux:5:::
fedoraprojectfedora16cpe:/o:fedoraproject:fedora:16:::
redhatenterprise_linux6.0cpe:/o:redhat:enterprise_linux:6.0:::

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

26.0%