Announcement

Collapse
No announcement yet.

FGKASLR Is An Exciting Linux Kernel Improvement To Look Forward To In 2022

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • FGKASLR Is An Exciting Linux Kernel Improvement To Look Forward To In 2022

    Phoronix: FGKASLR Is An Exciting Linux Kernel Improvement To Look Forward To In 2022

    It's been nearly two years in the making since Intel posted FGKASLR patches for improving Linux kernel security. While that work on Finer Grained / Function Granular KASLR stalled for a year, in recent months work on it was revived and in 2022 looks like this security is on a path for mainlining...

    https://www.phoronix.com/scan.php?pa...x-FGKASLR-2022

  • #2
    I hope this is not because there is yet another major vulnerability that Intel hasn't disclosed yet but is aware of...

    Comment


    • #3
      Originally posted by tildearrow View Post
      I hope this is not because there is yet another major vulnerability that Intel hasn't disclosed yet but is aware of...
      it has nothing to do with it, it simply makes most vulnerabilities harder to exploit, as now exploit wouldn't only have to figure out base adreess like in KASLR but also function exactly that exploit wants to read/overwrite etc. Meltdown/Spectre are quite "above" tier exploits which will not care much about randomization, and were commonly used for sake of defeating randomizations.

      Comment


      • #4
        Originally posted by piotrj3 View Post

        it has nothing to do with it, it simply makes most vulnerabilities harder to exploit, as now exploit wouldn't only have to figure out base adreess like in KASLR but also function exactly that exploit wants to read/overwrite etc. Meltdown/Spectre are quite "above" tier exploits which will not care much about randomization, and were commonly used for sake of defeating randomizations.
        That's the concern tho. If there are vulnerabilities out there which can sidestep this kind of randomization, why wouldn't those be targeted instead of where the functions are?

        Comment

        Working...
        X