oss-sec mailing list archives
Re: CVE-Request: AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%.
From: Solar Designer <solar () openwall com>
Date: Fri, 27 Mar 2015 17:31:13 +0300
On Fri, Mar 27, 2015 at 01:11:41PM +0100, Hector Marco wrote:
> A bug in the Linux ASLR implementation which affects some AMD processors has been found. The issue affects all Linux processes even if they are not using shared libraries (statically compiled). Grsecurity/PaX is also affected.

spender's criticism, off Twitter:

<grsecurity> This new ASLR "weakness" with big 87.5% claims is a comedy of errors
<grsecurity> doesn't get the entropy count right for 32-bit in the email, copy+pasted the wrong entropy counts for grsec/PaX (it's 16, not 8)
<grsecurity> Further, the "fix" does absolutely nothing for local attackers and likely nothing for remote attackers either
<grsecurity> One leak of *any* library address from *any* service during the boot lifetime gives away the values
<grsecurity> And on vanilla kernels which still have no bruteforce protection whatsoever, this is less than a non-issue, & not worth dignifying in grsec

Alexander