oss-sec mailing list archives

Re: How GNU/Linux distros deal with offset2lib attack?

From: Greg KH <greg () kroah com>
Date: Sat, 6 Dec 2014 07:35:27 -0800

On Sat, Dec 06, 2014 at 03:22:58PM +0800, Shawn wrote:


2, ASLRv3? Hector Marco( the dude who disclosured offset2lib attack)
sent a patch to the upstream:
https://lkml.org/lkml/2014/12/4/839

Even the upstream don't accept the patch, is this possible to backport
it & maintain it for distro community?


Upstream asked for some basic fixes to the patch (i.e. it wasn't
submitted in the needed format) before it could accept it, so I doubt
it's rejected yet.

And of course a distro could backport and maintain it, it's a very tiny
patch, much smaller than what they normall backport.  Take it up with
the distros if you want this.

thanks,

greg k-h

Current thread:

How GNU/Linux distros deal with offset2lib attack? Shawn (Dec 05)
- Re: How GNU/Linux distros deal with offset2lib attack? lazytyped (Dec 06)
- Re: How GNU/Linux distros deal with offset2lib attack? Lionel Debroux (Dec 06)
- Re: How GNU/Linux distros deal with offset2lib attack? Greg KH (Dec 06)
  - Re: How GNU/Linux distros deal with offset2lib attack? Loganaden Velvindron (Dec 06)
    - Re: How GNU/Linux distros deal with offset2lib attack? Lionel Debroux (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Shawn (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Greg KH (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Lionel Debroux (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Shawn (Dec 08)
    - Re: How GNU/Linux distros deal with offset2lib attack? Greg KH (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Daniel Micay (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Greg KH (Dec 07)
    - Re: How GNU/Linux distros deal with offset2lib attack? Lionel Debroux (Dec 07)

(Thread continues...)