On 08/13/2014 02:23 PM, Andy Lutomirski wrote: > On Wed, Aug 13, 2014 at 2:21 PM, H. Peter Anvin <hpa@xxxxxxxxx> wrote: >> One thing about this that may be a serious concern: allowing the user to >> control 8 contiguous bytes of kernel memory may be a security hazard. > > I'm confused. What kind of memory? I can control a lot more than 8 > bytes of stack very easily. > > Or are you concerned about 8 contiguous bytes of *executable* memory? > Yes. Useful for some kinds of ROP custom gadgets. -hpa -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
