CVE-2011-0726

Linux Kernel < 2.6.39-rc1 - ASLR Bypass via /proc/#####/stat

Title source: llm
STIX 2.1

Description

The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary.

References (8)

Core 8

Scores

EPSS 0.0034
EPSS Percentile 26.0%

Details

CWE
CWE-20
Status published
Products (13)
linux/linux_kernel 2.6.0
linux/linux_kernel 2.6.1 (4 CPE variants)
linux/linux_kernel 2.6.2 (4 CPE variants)
linux/linux_kernel 2.6.3 (5 CPE variants)
linux/linux_kernel 2.6.4 (4 CPE variants)
linux/linux_kernel 2.6.5 (4 CPE variants)
linux/linux_kernel 2.6.6 (4 CPE variants)
linux/linux_kernel 2.6.7 (4 CPE variants)
linux/linux_kernel 2.6.8 (5 CPE variants)
linux/linux_kernel 2.6.8.1
... and 3 more
Published Jul 18, 2011
Tracked Since Feb 18, 2026