oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ASLRn't is still alive and well on x86 kernels, despite CVE-2024-26621 patch

From: Yves-Alexis Perez <corsac () corsac net>
Date: Thu, 11 Jul 2024 09:07:57 +0200
On Wed, 2024-07-10 at 17:39 -0400, Will Dormann wrote:

Linux 6.9.7 was released in June2024, and the patches for CVE-2024-26621 
went in months before that.  This behavior matches my 3rd bullet point 
above, so I think everything is as expected here.  ("... will randomize 
the load address of large libraries loaded by 32-bit apps.")


Right.


If you want to see the lack of randomization, try the test with an x86 
kernel, not amd64.


I don't have one at hand unfortunately, but I'll try setting up a VM or
something just to be sure. Thanks.

I think there are not a lof of *modern* IA-32 installations, especially on
“generic” distributions, but there might still be some in network appliances
or something.

I guess setting vm.mmap_rnd_bits (or CONFIG_ARCH_MMAP_RND_BITS) to 16 at least
helps on those platforms (like they did on Ubuntu) but I wonder if a fix (or a
revert) in the kernel would be better (do we really need the alignment perfs
on IA-32 kernels?)

Regards,
-- 
Yves-Alexis
Previous By Date Next
Previous By Thread Next

Current thread: