want stack-clash mitigation
The stack-clash advisory for Qualys cited Solaris as a potential target for the exploit. In a 64-bit address space, we do indeed map in ld.so almost immediately after the stack segment. A much larger guard segment of some time would be nice to serve as a mitigation.
Updated by Electric Monk almost 4 years ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
commit 284ce987a33170d916c005f044ef6ce9ce8e1517 Author: Patrick Mooney <email@example.com> Date: 2018-07-19T18:08:35.000Z 9641 want stack-clash mitigation Reviewed by: Jerry Jelinek <firstname.lastname@example.org> Reviewed by: Alex Wilson <email@example.com> Reviewed by: Mike Gerdts <firstname.lastname@example.org> Reviewed by: Toomas Soome <email@example.com> Approved by: Robert Mustacchi <firstname.lastname@example.org>