mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
802 B
802 B
CVE-2014-9585
Description
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
POC
Reference
- http://v0ids3curity.blogspot.in/2014/12/return-to-vdso-using-elf-auxiliary.html
- http://www.ubuntu.com/usn/USN-2514-1
Github
No PoCs found on GitHub currently.