This change was applied during the Focal development cycle but then
reverted pending performance testing results. That performance testing
work was never finished and I'm no longer working on this bug.
** Changed in: linux (Ubuntu)
Status: Fix Committed => Triaged
** Changed in: linux (Ubuntu)
Assignee: Tyler Hicks (tyhicks) => (unassigned)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1855334
Title:
CONFIG_DEBUG_LIST should be enabled
Status in linux package in Ubuntu:
Triaged
Bug description:
We should turn on CONFIG_DEBUG_LIST which does some sanity checking on the
surrounding linked list elements when adding or removing an element. If the
sanity check fails, the list manipulation operation is not and a loud warning
is printed to the logs in the form of a WARN().
This may prevent some exploits that involve manipulating a linked list.
This config option is recommended by the Kernel Self Protection
Project[1] and a 2019 study performed by Capsule 8 shows that it is
enabled in some other major distro kernels[2].
[1]
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings
[2]
https://capsule8.com/blog/millions-of-binaries-later-a-look-into-linux-hardening-in-the-wild/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1855334/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
