0.0004 Low
EPSS
Percentile
5.1%
A flaw in the load_elf_binary() function in the Linux kernel allows a local attacker to leak the base address of .text and stack sections for setuid binaries and bypass ASLR because install_exec_creds() is called too late in this function.
bugzilla.redhat.com/show_bug.cgi?id=1699856
nvd.nist.gov/vuln/detail/CVE-2019-11190
www.cve.org/CVERecord?id=CVE-2019-11190