Message-ID: <CAGXu5j+Gn3nSUinvDB+0aFo192UFtmNvu7o4Ma95-FzfMKCi2g@mail.gmail.com>
Date: Fri, 12 May 2017 12:36:00 -0700
From: Kees Cook <keescook@...omium.org>
To: Loganaden Velvindron <loganaden@...il.com>
Cc: Jessica Yu <jeyu@...hat.com>, Michael Leibowitz <michael.leibowitz@...el.com>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: Re: [PATCH 01/18] gcc-plugins: Add the
 randstruct plugin

On Thu, May 11, 2017 at 11:37 PM, Loganaden Velvindron
<loganaden@...il.com> wrote:
> I often see drivers for android phones have all kinds of security
> issues. Does this help to make it harder to exploit vulnerabilities
> and RCEs in wifi drivers for example?

Depends on the flaw (some of the recent wifi attacks have been against
the wifi firmware itself). As documented in the changelog:

... [randstruct is a] probabilistic defense against attacks that need
to know the layout of structures within the kernel ...

And overwriting function pointers in structures is a common way to
perform attacks, which this plugin would complicate. See "executing
code" in: https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html

-Kees

-- 
Kees Cook
Pixel Security
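
A simplified model of the "probabilistic defense" point in the message above, as an added example (not code from this thread or from the randstruct plugin): it enumerates every field ordering of a hypothetical six-field struct and counts how many leave the function pointer at the offset the declared order gives. The field names and sizes and the uniform-ordering model are assumptions; the plugin's actual shuffling is not reproduced here.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: field sizes of a hypothetical driver struct
 * (flags, len, state, id, handler_fn, refcnt); alignment == size. */
static const size_t SIZES[] = {4, 2, 1, 8, 8, 4};
#define NFIELDS (sizeof(SIZES) / sizeof(SIZES[0]))
#define FN_INDEX 4 /* handler_fn, the function pointer */

/* Offset of handler_fn when the fields are laid out in the given order. */
size_t fn_offset(const size_t order[NFIELDS]) {
    size_t off = 0;
    for (size_t i = 0; i < NFIELDS; i++) {
        size_t sz = SIZES[order[i]];
        off = (off + sz - 1) / sz * sz; /* pad to natural alignment */
        if (order[i] == FN_INDEX)
            return off;
        off += sz;
    }
    return (size_t)-1; /* unreachable: FN_INDEX is always in order[] */
}

/* Walk every permutation of order[k..] and count layouts with handler_fn at target. */
static unsigned count_from(size_t order[NFIELDS], size_t k, size_t target) {
    if (k == NFIELDS)
        return fn_offset(order) == target;
    unsigned n = 0;
    for (size_t i = k; i < NFIELDS; i++) {
        size_t t = order[k]; order[k] = order[i]; order[i] = t;
        n += count_from(order, k + 1, target);
        t = order[k]; order[k] = order[i]; order[i] = t; /* undo swap */
    }
    return n;
}

/* Number of the 6! = 720 possible field orders that put handler_fn at target. */
unsigned layouts_with_fn_at(size_t target) {
    size_t order[NFIELDS] = {0, 1, 2, 3, 4, 5};
    return count_from(order, 0, target);
}

int main(void) {
    const size_t declared[NFIELDS] = {0, 1, 2, 3, 4, 5};
    size_t off = fn_offset(declared);
    printf("declared order: handler_fn at offset %zu\n", off);
    printf("layouts keeping that offset: %u of 720\n", layouts_with_fn_at(off));
    return 0;
}
```

In this model a write aimed at the declared-order offset lands on the function pointer in fewer than a quarter of the possible layouts, and alignment padding keeps the remaining candidates to a handful of offsets rather than spreading them evenly.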
