Linux · Linux Kernel · CVE-2013-0914
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 3.8.4
**Description**
The issue allows local users to bypass the ASLR protection mechanism. This is achieved through a crafted application containing a sigaction system call, which exploits the preservation of the sa restorer field value across an exec operation by the flush signal handlers function in kernel/signal.c.
**Recommendations**
For Linux kernel versions prior to 3.8.4, update to version 3.8.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the sigaction system call until a patch is available.