Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 20 Jan 2016 08:11:58 -0500
From: David Windsor <dave@...gbits.org>
To: Kees Cook <keescook@...omium.org>
Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: [RFC PATCH v2 00/12] Add PAX_REFCOUNT overflow protection

Hi Kees,

On Tue, Jan 19, 2016 at 2:07 PM, Kees Cook <keescook@...omium.org> wrote:
> Hi David,
>
> On Thu, Dec 17, 2015 at 12:55 PM, Kees Cook <keescook@...omium.org> wrote:
>> On Thu, Dec 17, 2015 at 6:57 AM, David Windsor <dave@...gbits.org> wrote:
>>> NOTE: This is a v2 submission because patch 3/5 in v1 was too large to sent
>>> to kernel-hardening.  Taking that as a sign that the patch needed to be split,
>>> I'm sending this version of the patchset, with the patches split more or less
>>> on a per-maintainer basis (except for those in drivers/).
>
> How's the next spin coming? It looks like we have some new real-world
> examples of exploits that would have been blocked by this protection:
>
> http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
>
> :)
>

I'm currently working on v3 of this patchset: porting the patches to
linux-next and incorporating suggested changes to v2.  I'm fairly well
along, but need just a bit more time  I'm a bit busy at the moment, so
I expect realistically to have time to finish this at the beginning of
February.

Thanks,
David

> -Kees
>
> --
> Kees Cook
> Chrome OS & Brillo Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.