Latest YouTube Video

Wednesday, April 6, 2016

[FD] CVE-2016-3672 - Unlimiting the stack not longer disables ASLR

Hi everyone, We have fixed an old and very known weakness in the Linux ASLR implementation. The weakness allowed any user able to running 32-bit applications in a x86 machine disable the ASLR by setting the RLIMIT_STACK resource to unlimited. This is a very old trick to disable ASLR, but unfortunately it was still present in current Linux systems. Details at: http://ift.tt/1WcvAZ5 Best, Hector.

Source: Gmail -> IFTTT-> Blogger

No comments: