CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
26.0%
The ExecShield feature in a certain Red Hat patch for the Linux kernel in
Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not
properly handle use of many shared libraries by a 32-bit executable file,
which makes it easier for context-dependent attackers to bypass the ASLR
protection mechanism by leveraging a predictable base address for one of
these libraries.
Author | Note |
---|---|
jdstrand | not in Ubuntu |