ASL kernels immune to CVE-2018-5750

Security annoucements of interest to the AtomiCorp community, such as vulnerabilities in third party applications.
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4120
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

ASL kernels immune to CVE-2018-5750

Unread post by mikeshinn »

Systems running the ASL kernel are immune to CVE-2018-5750. From the SecurityTracker website:

"A local user can submit a specially crafted SBS HC printk system call to trigger a flaw in the acpi_smbus_hc_add() function in 'drivers/acpi/sbshc.c' and obtain potentially sensitive address information and potentially bypass kernel address space layout randomization (KASLR) security protection on the target system."

ASL kernels do not use the weak KASLR implementation in the Linux kernel.
Post Reply