NotCVE-2024-0002

AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

NotCVE

A vulnerability exists in the Linux kernel's Address Space Layout Randomization (ASLR) implementation affecting AMD Bulldozer (Family 15h) processors. To mitigate cache aliasing penalties, certain memory-mapped objects, including the Virtual Dynamic Shared Object (VDSO) and shared libraries, are assigned memory addresses with bits 12 through 14 set to zero, effectively reducing entropy by 87.5%. This reduction significantly weakens ASLR's effectiveness, making systems more susceptible to exploitation. The issue impacts all Linux processes, including those that are statically compiled without shared libraries.

*Credits: https://hmarco.org

CVSS Scores

NotCVEv3.1 5.3

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-12-23 CVE Reserved
2025-01-03 CVE Published
2025-01-03 CVE Updated
2025-01-03 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-331: Insufficient Entropy

CAPEC

CAPEC-97: Cryptanalysis

References (1)

URL	Tag	Source
https://hmarco.org/bugs/AMD-Bulldozer-linux-ASLR-weakness-reducing-mmaped-files-by-eight.html

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				4.0.0 Search vendor "Linux" for product "Linux Kernel" and version "4.0.0"		-		Affected