Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Linux kernel 信息泄露漏洞
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 Linux kernel 3.18.1及之前版本的arch/x86/kernel/process_64.c文件中的‘__switch_to’函数存在安全漏洞,该漏洞源于程序没有确定是否在其他操作前加载Thread Local Storage (TLS)描述符。本地攻击者可借助特制的应用程序利用该漏洞绕过ASLR保护机制。
CVSS Information
N/A
Vulnerability Type
N/A