oss-sec mailing list archives
How GNU/Linux distros deal with offset2lib attack?
From: Shawn <citypw () gmail com>
Date: Sat, 6 Dec 2014 15:22:58 +0800
Hi guys,

As you know, Hector Marco disclosed a new attack targeting the GNU/Linux mitigation defensive technology earlier this week:
http://www.openwall.com/lists/oss-security/2014/12/04/19
http://cybersecurity.upv.es/attacks/offset2lib/offset2lib.html

Paper & slides:
http://cybersecurity.upv.es/attacks/offset2lib/offset2lib-presentation.pdf
http://cybersecurity.upv.es/attacks/offset2lib/offset2lib-paper.pdf

Hector provides 3 possible solutions:

1, Use Grsecurity/PaX. Afaik, Gentoo and Debian Mempo have long-term maintenance for the Grsecurity/PaX patch. But Grsecurity/PaX is not part of the Linux kernel mainline, which would be a problem for most distros. I think Linux kernel upstream won't accept the PaX patch only because of this *kind* of issue.

2, ASLRv3? Hector Marco (the dude who disclosed the offset2lib attack) sent a patch to upstream:
https://lkml.org/lkml/2014/12/4/839
Even if upstream doesn't accept the patch, is it possible to backport it & maintain it for the distro community?

3, RenewSSP? IMHO, this is a solution for the kind of exploit like:
http://phrack.org/archives/issues/67/13.txt
It'd be a workaround for another mitigation to prevent the offset2lib attack though. But the authors of RenewSSP haven't even sent a patch to the GCC community yet. At least I can't find anything about RenewSSP in the GCC ml.

It seems ASLRv3 is the best option we have? Or anything else?

--
GNU powered it...
GPL protect it...
God blessing it...

regards
Shawn