Message-ID: <20150327143113.GA2988@openwall.com>
Date: Fri, 27 Mar 2015 17:31:13 +0300
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-Request: AMD Bulldozer Linux ASLR weakness: Reducing entropy by 87.5%.

On Fri, Mar 27, 2015 at 01:11:41PM +0100, Hector Marco wrote:
> A bug in the Linux ASLR implementation which affects some AMD processors has
> been found. The issue affects all Linux processes even if they are not
> using shared libraries (statically compiled). Grsecurity/PaX is also
> affected.

spender's criticism, off Twitter:

<grsecurity> This new ASLR "weakness" with big 87.5% claims is a comedy of errors
<grsecurity> doesn't get the entropy count right for 32-bit in the email, copy+pasted the wrong entropy counts for grsec/PaX (it's 16, not 8)
<grsecurity> Further, the "fix" does absolutely nothing for local attackers and likely nothing for remote attackers either
<grsecurity> One leak of *any* library address from *any* service during the boot lifetime gives away the values
<grsecurity> And on vanilla kernels which still have no bruteforce protection whatsoever, this is less than a non-issue, & not worth dignifying in grsec

Alexander
