Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-1568
HistoryMar 01, 2013 - 12:00 a.m.

CVE-2012-1568

2013-03-0100:00:00
ubuntu.com
ubuntu.com
13

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.001

Percentile

26.0%

The ExecShield feature in a certain Red Hat patch for the Linux kernel in
Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not
properly handle use of many shared libraries by a 32-bit executable file,
which makes it easier for context-dependent attackers to bypass the ASLR
protection mechanism by leveraging a predictable base address for one of
these libraries.

Bugs

Notes

Author Note
jdstrand not in Ubuntu

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.001

Percentile

26.0%