Project

General

Profile

Actions

Bug #9641

closed

want stack-clash mitigation

Added by Patrick Mooney almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Category:
kernel
Start date:
2018-07-05
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

The stack-clash advisory for Qualys cited Solaris as a potential target for the exploit. In a 64-bit address space, we do indeed map in ld.so almost immediately after the stack segment. A much larger guard segment of some time would be nice to serve as a mitigation.

Upstreaming the work from SmartOS OS-6323 (and the related OS-6564)

Actions

Also available in: Atom PDF