ASL kernels immune to CVE-2018-5750
Posted: Mon Feb 05, 2018 3:56 pm
Systems running the ASL kernel are immune to CVE-2018-5750. From the SecurityTracker website:
"A local user can submit a specially crafted SBS HC printk system call to trigger a flaw in the acpi_smbus_hc_add() function in 'drivers/acpi/sbshc.c' and obtain potentially sensitive address information and potentially bypass kernel address space layout randomization (KASLR) security protection on the target system."
ASL kernels do not use the weak KASLR implementation in the Linux kernel.
"A local user can submit a specially crafted SBS HC printk system call to trigger a flaw in the acpi_smbus_hc_add() function in 'drivers/acpi/sbshc.c' and obtain potentially sensitive address information and potentially bypass kernel address space layout randomization (KASLR) security protection on the target system."
ASL kernels do not use the weak KASLR implementation in the Linux kernel.