The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing a PIE binary.
Exploitability
AV:LAC:LAu:NImpact
C:PI:NA:N2.1/AV:L/AC:L/Au:N/C:P/I:N/A:N