id,summary,reporter,owner,description,type,status,component,version,resolution,keywords,cc,guest,host 15167,Kernel Address Info Leak,wcrobert,,"I reported this via secalert_us@oracle.com and was told to resubmit here: vbox kernel module seems to printk kernel addresses that get picked up by syslog. This information could be used by someone who has gained uid/gid syslog adm (On Ubuntu) to successfully chain an attack to kernel data structures (thus defeating ASLR). Information from /proc/modules is sanitized for non-root users. The requested fix is to stop printing out kernel addresses. Host $ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 14.04.4 LTS Release: 14.04 Codename: trusty $uname -a Linux wcrobert-MOBL1 3.19.0-18-generic #18~14.04.1-Ubuntu SMP Wed May 20 09:38:33 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux VBox Version: Version 5.0.14 r105127 What I found in syslog: {{{ Feb 11 11:27:57 wcrobert-MOBL1 kernel: [ 5.881847] vboxdrv: Found 4 processor cores Feb 11 11:27:57 wcrobert-MOBL1 kernel: [ 5.901307] vboxdrv: TSC mode is Invariant, tentative frequency 2593993759 Hz Feb 11 11:27:57 wcrobert-MOBL1 kernel: [ 5.901310] vboxdrv: Successfully loaded version 5.0.14 (interface 0x00240000) Feb 11 11:27:57 wcrobert-MOBL1 kernel: [ 6.112417] vboxpci: IOMMU not found (not registered) Feb 11 12:16:23 wcrobert-MOBL1 kernel: [ 2913.482380] vboxdrv: ffffffffc0000020 VMMR0.r0 Feb 11 12:16:23 wcrobert-MOBL1 kernel: [ 2913.571393] vboxdrv: ffffffffc00fa020 VBoxDDR0.r0 Feb 11 12:16:23 wcrobert-MOBL1 kernel: [ 2913.572892] vboxdrv: ffffffffc0119020 VBoxDD2R0.r0 Feb 11 12:16:23 wcrobert-MOBL1 kernel: [ 2913.606759] vboxdrv: ffffffffc011d020 VBoxEhciR0.r0 }}}",task,closed,other,VirtualBox 5.0.14,wontfix,info leak,,other,Linux