QwikSec

Security Database

CVE

CWE

Training

CVE-2019-11190

Published: Apr 11, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.openwall.com/lists/oss-security/2019/04/03/4

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2019/04/03/4/1

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=a5b5352558f6808db0589644ea5401b3e3148a0d

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git/commit/?id=e1676b55d874a43646e8b2c46d87f2f3e45516ff

x_refsource_MISC

vdb-entry

x_refsource_BID

[oss-security] 20190415 Re: Linux kernel < 4.8 local generic ASLR - CVE-ID

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2019:1570

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.