| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20110520184254.GB18322@elte.hu> Date: Fri, 20 May 2011 20:42:54 +0200 From: Ingo Molnar <mingo@...e.hu> To: Dan Rosenberg <drosenberg@...curity.com> Cc: Kees Cook <kees.cook@...onical.com>, Linus Torvalds <torvalds@...ux-foundation.org>, linux-kernel@...r.kernel.org, davej@...hat.com, davem@...emloft.net, eranian@...gle.com, adobriyan@...il.com, penberg@...nel.org Subject: Re: [BUG] perf: bogus correlation of kernel symbols * Dan Rosenberg <drosenberg@...curity.com> wrote: > At least one distro (Red Hat) ships with panic_on_oops enabled by default, so > attackers don't get more than one chance. Likewise, vulnerabilities in > interrupt context will only have one chance, as will any issue where failed > exploitation prevents subsequent attempts, as is frequently the case due to > failures to clean up locking primitives on an OOPS. So it's basically a last line of defense: the attacker has to assume the risk of the attack being detected. That has a chilling effect on some types of attacks: especially those where the attacker goes against a high value target with a zero day kernel exploit. Risking a crash does not just mean possibly alerting the target, but also means possibly losing the zero-day exploit - if that oops log gets to a kernel developer who starts wondering about the weird backtrace. Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists