Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch

[Will Dormann <will.dormann () analygence com>]

On 7/29/24 3:02 AM, Yves-Alexis Perez wrote:> 
d9592025000b3cf26c742f3505da7b83aedc26d5 was recently merged to Linus tree
> switching to !IS_ENABLED(CONFIG_64BIT) which should work on all architectures.
> So ASLRn't *should* be fixed on IA-32 kernels with 6.11.

I can confirm that in 6.11, ASLR is functioning as expected with 6.11

test@debian:~$ python3 entropy.py
Linux debian 6.11.0-rc1 #1 SMP PREEMPT_DYNAMIC Mon Jul 29 17:01:55 EDT 
2024 i686 GNU/Linux

Mapped item: /usr/bin/cat, Entropy: 8 bits, Mask: 000ff000
Mapped item: [heap], Entropy: 14 bits, Mask: 03fff000
Mapped item: /usr/lib/locale/locale-archive, Entropy: 9 bits, Mask: 001ff000
Mapped item: /usr/lib/i386-linux-gnu/libc.so.6, Entropy: 9 bits, Mask: 
001ff000
Mapped item: [vvar], Entropy: 9 bits, Mask: 001ff000
Mapped item: /usr/lib/i386-linux-gnu/ld-linux.so.2, Entropy: 9 bits, 
Mask: 001ff000
Mapped item: [stack], Entropy: 12 bits, Mask: 00fff000
test@debian:~$


--
Will Dormann | Senior Vulnerability Analyst

ANALYGENCE, Inc.
8115 Maple Lawn Blvd., Suite 110, Fulton, MD 20759
t 412.818.3452 | f 301.812.4252
e will.dormann () analygence com | w analygence.com