Date: Sat, 6 Dec 2014 15:22:58 +0800
From: Shawn <citypw@...il.com>
To: oss-security@...ts.openwall.com
Subject: How GNU/Linux distros deal with offset2lib attack?

Hi guys,

As you know, Hector Marco disclosed a new attack targeting the
GNU/Linux mitigation defensive technology earlier this week:
http://www.openwall.com/lists/oss-security/2014/12/04/19
http://cybersecurity.upv.es/attacks/offset2lib/offset2lib.html

Paper & slide:
http://cybersecurity.upv.es/attacks/offset2lib/offset2lib-presentation.pdf

http://cybersecurity.upv.es/attacks/offset2lib/offset2lib-paper.pdf

Hector provides 3 possible solutions:

1, Use Grsecurity/PaX. Afaik, Gentoo and Debian Mempo have long-term
maintenance for the Grsecurity/PaX patch. But Grsecurity/PaX is not
part of the Linux kernel mainline, which would be a problem for most
distros. I think the Linux kernel upstream won't accept the PaX patch only
because of this *kind* of issue.

2, ASLRv3? Hector Marco (the dude who disclosed the offset2lib attack)
sent a patch to the upstream:
https://lkml.org/lkml/2014/12/4/839

Even if upstream doesn't accept the patch, is it possible to backport
it & maintain it for the distro community?

3, RenewSSP? IMHO, this is a solution for the kind of exploit described in:
http://phrack.org/archives/issues/67/13.txt

It'd be a workaround for another mitigation to prevent the offset2lib attack
though. But the authors of RenewSSP haven't even sent a patch to the GCC
community yet. At least I can't find anything about RenewSSP in the GCC
ml.

It seems ASLRv3 is the best option we have? Or anything else?


-- 
GNU powered it...
GPL protect it...
God blessing it...

regards
Shawn
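The offset2lib weakness Shawn refers to is that the PIE executable is mapped right next to the shared libraries, so the distance between the executable base and libc is the same in every run even though the absolute addresses change. A distro maintainer evaluating whether a kernel (patched or not) still has that layout can measure exactly that from /proc/<pid>/maps. The script below is an added example written for this page; it is not part of Shawn's message, of the offset2lib publication, or of the ASLRv3 patch. The maps excerpts, the path /home/user/pie_app and the address values are constructed for the example; the only real interface it touches is the Linux /proc maps format.

```python
#!/usr/bin/env python3
"""Added example: check whether a PIE executable sits at a constant distance
from libc across runs (the layout offset2lib depends on).

A constant (exe base - libc base) across runs means one leaked executable
address gives every library address; a varying distance means the executable
base is randomized independently of the mmap area.
"""
import os
import re
import sys

# One /proc/<pid>/maps line: range perms offset dev inode [path]
MAPS_LINE = re.compile(
    r'^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$')

# Constructed samples (not captured from a real system): two runs of the same
# PIE on a kernel with the adjacent layout. The bases differ between the runs,
# but exe - libc is 0x5da000 both times.
RUN_WEAK_1 = """\
7f0f4a3c4000-7f0f4a56f000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so
7f0f4a56f000-7f0f4a76f000 ---p 001ab000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so
7f0f4a76f000-7f0f4a775000 rw-p 001ab000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so
7f0f4a77a000-7f0f4a79d000 r-xp 00000000 08:01 4321 /lib/x86_64-linux-gnu/ld-2.19.so
7f0f4a99e000-7f0f4a99f000 r-xp 00000000 08:01 1234 /home/user/pie_app
7f0f4ab9e000-7f0f4aba0000 rw-p 00000000 08:01 1234 /home/user/pie_app
7f0f4aba0000-7f0f4abc1000 rw-p 00000000 00:00 0 [heap]
7ffd3e1a9000-7ffd3e1ca000 rw-p 00000000 00:00 0 [stack]
"""
RUN_WEAK_2 = """\
7f5b2cbe8000-7f5b2cd93000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so
7f5b2cd93000-7f5b2cf93000 ---p 001ab000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so
7f5b2cf9e000-7f5b2cfc1000 r-xp 00000000 08:01 4321 /lib/x86_64-linux-gnu/ld-2.19.so
7f5b2d1c2000-7f5b2d1c3000 r-xp 00000000 08:01 1234 /home/user/pie_app
7f5b2d3c2000-7f5b2d3c4000 rw-p 00000000 08:01 1234 /home/user/pie_app
7ffc11a0b000-7ffc11a2c000 rw-p 00000000 00:00 0 [stack]
"""
# Constructed sample of a run where the executable base is randomized
# independently of the library area, so the distance is different.
RUN_INDEPENDENT = """\
55d4c2a1e000-55d4c2a1f000 r-xp 00000000 08:01 1234 /home/user/pie_app
55d4c2c1e000-55d4c2c20000 rw-p 00000000 08:01 1234 /home/user/pie_app
7f1a9c3d0000-7f1a9c57b000 r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc-2.19.so
7f1a9c786000-7f1a9c7a9000 r-xp 00000000 08:01 4321 /lib/x86_64-linux-gnu/ld-2.19.so
7ffe20e4a000-7ffe20e6b000 rw-p 00000000 00:00 0 [stack]
"""


def parse_maps(text):
    """Return (start, end, perms, path) per maps line; path is '' when anonymous."""
    regions = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m:
            start, end, perms, path = m.groups()
            regions.append((int(start, 16), int(end, 16), perms, path.strip()))
    return regions


def base_address(regions, matcher):
    """Lowest start address of the regions whose path satisfies matcher, or None."""
    starts = [s for s, _e, _p, path in regions if path and matcher(path)]
    return min(starts) if starts else None


def is_libc(path):
    # Accept both libc-2.19.so and libc.so.6 style names.
    return re.match(r'libc[.-]', os.path.basename(path)) is not None


def exe_to_libc_distance(maps_text, exe_path):
    """Signed distance (exe base - libc base) for one process image, or None."""
    regions = parse_maps(maps_text)
    exe = base_address(regions, lambda p: p == exe_path)
    libc = base_address(regions, is_libc)
    if exe is None or libc is None:
        return None
    return exe - libc


def distance_is_constant(maps_texts, exe_path):
    """True when every run shows the same distance: the offset2lib-prone layout."""
    distances = {exe_to_libc_distance(t, exe_path) for t in maps_texts}
    return len(distances) == 1 and None not in distances


def live_maps_for_self():
    """Read the running interpreter's own mapping (Linux only)."""
    with open('/proc/self/maps') as f:
        return f.read(), os.readlink('/proc/self/exe')


if __name__ == '__main__':
    exe = '/home/user/pie_app'  # hypothetical path used by the constructed samples
    print('adjacent layout, constant distance:',
          distance_is_constant([RUN_WEAK_1, RUN_WEAK_2], exe))
    print('independent randomization, constant distance:',
          distance_is_constant([RUN_WEAK_1, RUN_WEAK_2, RUN_INDEPENDENT], exe))
    if sys.platform.startswith('linux'):
        text, me = live_maps_for_self()
        d = exe_to_libc_distance(text, me)
        print('this interpreter: exe - libc =', hex(d) if d is not None else 'n/a')
```

To use it on a real distro kernel, collect /proc/<pid>/maps from several launches of the same PIE binary (the script reads its own maps when run on Linux) and feed the texts to `distance_is_constant`; a constant distance is what the offset2lib paper exploits, and a backported ASLRv3-style fix should make it vary from run to run.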
