diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -74,6 +74,12 @@ Security related changes: memcmp gave the wrong result since it treated the size argument as zero. Reported by H.J. Lu. + CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC + environment variable during program execution after a security + transition, allowing local attackers to restrict the possible mapping + addresses for loaded libraries and thus bypass ASLR for a setuid + program. Reported by Marcin KoĆcielnicki. + The following bugs are resolved with this release: [20116] nptl: use after free in pthread_create @@ -98,6 +104,7 @@ The following bugs are resolved with this release: [24027] malloc: Integer overflow in realloc [24097] Can't use 64-bit register for size_t in assembly codes for x32 (CVE-2019-6488) [24155] x32 memcmp can treat positive length as 0 (if sign bit in RDX is set) (CVE-2019-7309) + [25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs Version 2.24 |