TITLE
Information disclosure leading to KASLR bypasses in Red Hat Enterprise Linux 8 and Samsung S10+/S9 devices.
IDENTIFIER
Unknown
DESCRIPTION
An information disclosure vulnerability was found in Red Hat Enterprise Linux 8 and Samsung S10+/S9 devices. The vulnerability was fixed in the upstream Linux kernel on May 30, 2019, but it still affected Red Hat Enterprise Linux 8 and some Samsung devices at least up to August 24, 2021. Exploiting the vulnerability leads to KASLR bypasses, which an attacker could use to ease the exploitation of other vulnerabilities.
REFERENCES
SSD Advisory – Samsung S10+/S9 kernel 4.14 (Android 10) Kernel Function Address (.text) and Heap Address Information Leak
https://ssd-disclosure.com/ssd-advisory-samsung-s10-s9-kernel-4-14-android-10-kernel-function-address-text-and-heap-address-information-leak/
ptrace: add ability to retrieve signals without removing from a queue (v4)
https://github.com/torvalds/linux/commit/84c751bd4aebbaae995fe32279d3dba48327bad4
signal/ptrace: Don’t leak uninitialized kernel memory with PTRACE_PEEK_SIGINFO
https://github.com/torvalds/linux/commit/f6e2aa91a46d2bc79fce9b93a988dbe7655c90c0
