Actions
Bug #9641
closedwant stack-clash mitigation
Start date:
2018-07-05
Due date:
% Done:
100%
Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:
Description
The stack-clash advisory for Qualys cited Solaris as a potential target for the exploit. In a 64-bit address space, we do indeed map in ld.so almost immediately after the stack segment. A much larger guard segment of some time would be nice to serve as a mitigation.
Upstreaming the work from SmartOS OS-6323 (and the related OS-6564)
Updated by Electric Monk almost 4 years ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
git commit 284ce987a33170d916c005f044ef6ce9ce8e1517
commit 284ce987a33170d916c005f044ef6ce9ce8e1517 Author: Patrick Mooney <pmooney@pfmooney.com> Date: 2018-07-19T18:08:35.000Z 9641 want stack-clash mitigation Reviewed by: Jerry Jelinek <jerry.jelinek@joyent.com> Reviewed by: Alex Wilson <alex.wilson@joyent.com> Reviewed by: Mike Gerdts <mike.gerdts@joyent.com> Reviewed by: Toomas Soome <tsoome@me.com> Approved by: Robert Mustacchi <rm@joyent.com>
Actions