2 matches found
kernel: ASLR bypass for setuid binaries due to late install_exec_creds()
A flaw in the loadelfbinary function in the Linux kernel allows a local attacker to leak the base address of .text and stack sections for setuid binaries and bypass ASLR because installexeccreds is called too late in this function...
GIMPS, SETI@home, ChessBrain: Insecure installation
Background GIMPS is a client for the distributed Great Internet Mersenne Prime Search. SETI@home is the client for the Search for Extraterrestrial Intelligence SETI project. ChessBrain is the client for the distributed chess supercomputer. Description GIMPS, SETI@home and ChessBrain ebuilds insta...