CVE-2019-1010025

Sažetak

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

Reference

https://sourceware.org/bugzilla/show_bug.cgi?id=22853
https://support.f5.com/csp/article/K06046097
https://security-tracker.debian.org/tracker/CVE-2019-1010025
https://ubuntu.com/security/CVE-2019-1010025
https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

07-11-2023 - 03:02

Objavljeno

15-07-2019 - 04:15