oss-sec mailing list archives

Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch

From: Will Dormann <will.dormann () analygence com>
Date: Mon, 8 Jul 2024 14:09:59 -0400

On 7/8/24 1:28 PM, Florian Weimer wrote:

The kernel should not apply hugepage optimizations to mappings created
with MAP_DENYWRITE.

FWIW, Grsecurity has published a blog post about this topic that coversmuch more nuance than the original "ASLRn't" blog post:

<https://grsecurity.net/toolchain_necromancy_past_mistakes_haunting_aslr>



-WD

Current thread:

ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Will Dormann (Jul 08)
- Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Florian Weimer (Jul 08)
  - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Will Dormann (Jul 08)
  - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch David A. Wheeler (Jul 08)
    - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Florian Weimer (Jul 08)
- Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Simon McVittie (Jul 08)
- Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Will Dormann (Jul 08)
- Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Yves-Alexis Perez (Jul 10)
  - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Will Dormann (Jul 10)
    - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Yves-Alexis Perez (Jul 11)
    - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Yves-Alexis Perez (Jul 11)
  - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch Steffen Nurpmeso (Jul 10)
    - Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch David A. Wheeler (Jul 11)

(Thread continues...)