On Thu, 2010-07-15 at 17:18 +0100, Radoslaw Madej wrote:
> Package: linux-2.6
> Version: 2.6.26-24
> Severity: normal
>
> Hi,
> When running the latest stable Debian kernel the base address of a heap is
> not randomised regardless of the setting for randomize_va_space (it is set
> to 2 by default). This can be observed by using a simple .c program (below)
> or using the paxtest suite available from here:
> http://grsecurity.net/~spender/paxtest-0.9.9.tgz

Good spot. At the point where heap randomisation should be done,
PF_RANDOMIZE has been cleared. This seems to be a regression due to the
fix for CVE-2010-0307. We need to apply the follow-up patch:

commit 7ab02af428c2d312c0cf8fb0b01cc1eb21131a3d
Author: Linus Torvalds <torva...@linux-foundation.org>
Date:   Tue Feb 2 12:37:44 2010 -0800

    Fix 'flush_old_exec()/setup_new_exec()' split

Ben.

-- 
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
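One way to check for the symptom reported in this thread, as an added example: it is not the reporter's program (which is not reproduced on this page) and not Debian or kernel code. It re-executes itself several times and compares the program break each fresh process sees; `RUNS`, the `--child` flag and the function names are this example's own choices.

```c
/* Added example: does the heap (brk) base change between executions?
 * Build non-PIE (gcc -no-pie) so a randomised image base cannot mask a fixed brk. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#define RUNS 8   /* number of fresh executions to sample (example's choice) */

/* Number of distinct values in v[0..n-1]. */
int distinct_count(const unsigned long *v, int n)
{
    int distinct = 0;
    for (int i = 0; i < n; i++) {
        int seen = 0;
        for (int j = 0; j < i; j++)
            if (v[j] == v[i]) { seen = 1; break; }
        if (!seen) distinct++;
    }
    return distinct;
}

/* Parse the "0x..." line printed by a child; returns 0 on malformed input. */
unsigned long parse_base(const char *line)
{
    char *end;
    unsigned long v = strtoul(line, &end, 16);
    return (end == line) ? 0 : v;
}

int main(int argc, char **argv)
{
    if (argc > 1 && strcmp(argv[1], "--child") == 0) {
        void *brk_now = sbrk(0);        /* read the break before stdio allocates */
        printf("%p\n", brk_now);
        return 0;
    }
    unsigned long bases[RUNS];
    char cmd[4096], line[64];
    snprintf(cmd, sizeof cmd, "'%s' --child", argv[0]);
    for (int i = 0; i < RUNS; i++) {
        FILE *p = popen(cmd, "r");      /* new exec, so a new address-space layout */
        if (!p || !fgets(line, sizeof line, p)) { perror("child"); return 2; }
        pclose(p);
        bases[i] = parse_base(line);
    }
    int d = distinct_count(bases, RUNS);
    printf("%d distinct break addresses in %d runs: heap base %s\n", d, RUNS,
           d > 1 ? "randomised" : "NOT randomised");
    return d > 1 ? 0 : 1;               /* exit status 1 flags the regression */
}
```

Run it before and after applying the follow-up patch with `randomize_va_space` set to 2; an exit status of 1 means every execution saw the same break address.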