|Main Archive Page > Month Archives > oss-security archives|
On 01/19/2012 12:05 PM, Eugene Teo wrote:
> On 01/19/2012 04:43 AM, Kees Cook wrote:
>> What's the problem with the old logic in the mem handling? (Why does this
>> need a CVE?)
> This is a possible local privilege escalation issue on a system with
> ASLR disabled, combined with other exploitation techniques.
Detailed information can be found here,