oss-sec mailing list archives

Re: PIE bypass using VDSO ASLR weakness


From: Hanno Böck <hanno () hboeck de>
Date: Thu, 11 Dec 2014 18:23:23 +0100

On Thu, 11 Dec 2014 11:15:44 +0530
Reno Robert <renorobert () gmail com> wrote:

> Given that ASLR is not effective in VDSO and comes down to 11 quality
> bits as per pax test making return-to-vdso feasible even for PIE
> binary, whether this should be considered as a bug and CVE be
> assigned?

I opened a bug in the kernel's bugtracker:
https://bugzilla.kernel.org/show_bug.cgi?id=89591

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno () hboeck de
GPG: BBB51E42
