Linux · Linux Kernel · CVE-2017-14140
**Name of the Vulnerable Software and Affected Versions**
Linux kernel versions prior to 4.12.9
**Description**
The issue allows a local attacker to learn the memory layout of a setuid executable despite Address Space Layout Randomization (ASLR). This is due to the move pages system call not checking the effective uid of the target process.
**Recommendations**
For Linux kernel versions prior to 4.12.9, update to version 4.12.9 or later to resolve the issue.