The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | kernel | 2012-03-23 14:18 | ALAS-2012-58 |
Amazon Linux 1 | kernel | 2012-11-20 06:34 | ALAS-2012-142 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 1.9 | AV:L/AC:M/Au:N/C:N/I:P/A:N |
NVD | CVSSv2 | 1.9 | AV:L/AC:M/Au:N/C:N/I:P/A:N |