Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31986
HistoryMay 05, 2015 - 12:00 a.m.

Linux ASLR mmap weakness: Reducing entropy by half

2015-05-0500:00:00
vulners.com
20
JSON

A bug in Linux ASLR implementation has been found. The issue is that the mmap base address for processes is not properly randomized on some architectures due to an improper bit-mask manipulation. Affected systems have reduced the mmap area entropy of the processes by half.

The number of possible locations are reduced by 50%, which for example will reduce the cost of brute force attacks.

PowerPC, Sparc64 and ARM have 18 bits of entropy. Non-vulnerable systems have 262144 (2^18) different places to locate the mmap area. On vulnerable systems, this value is reduced to 131072 (2^17).

Advisory details at:
http://hmarco.org/bugs/linux-ASLR-reducing-mmap-by-half.html


Hector Marco-Gisbert @ http://hmarco.org/
Cyber Security Researcher @ http://cybersecurity.upv.es
Universitat Politecnica de Valencia (Spain)

JSON