[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request - Linux kernel: VFAT slab-based buffer overflow
From: Jiri Kosina <jikos () jikos ! cz>
Date: 2013-02-28 8:31:40
Message-ID: alpine.LRH.2.00.1302280930200.30582 () twin ! jikos ! cz
[Download RAW message or body]
On Thu, 28 Feb 2013, Yves-Alexis Perez wrote:
> > > - not letting kernel dereference userspace pointers (and PMAP is
> > not
> > > available everywhere, unfortunately)
> >
> > What do you mean by this?
>
> This looks like PaX KERNEXEC/UDEREF (which uses segmentation on i386 and
> code instrumentation through gcc plugins on x86_64).
Yes, exactly. You can now apparently also add ARM to the list of
architectures where it's been made available [1] by the grsecurity folks.
[1] http://forums.grsecurity.net/viewtopic.php?f=7&t=3292
> On Ivy Bridge processors you have SMEP which will also prevent ring0 to
> execute code from unprivileged pages and on Haswell there will be SMAP
> which tries to prevent ring0 to access ring3 pages read/write when not
> needed (outside of copy_{to,from}_user for example but there are
> others).
>
> But, as Jiri said, this is not available everywhere so people with more
> ancient hardware can't benefit from those extensions.
Yup, sorry for my typo above, I of course meant SMAP, not PMAP.
Thanks,
--
Jiri Kosina
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic