LWN.net's Journal
 

Friday, November 15th, 2019

    1:10p
    Cook: Security things in Linux v5.3
    Kees Cook catches up with the security improvements in the 5.3 kernel.
    "In recent exploits, one of the steps for making the attacker's life easier is to disable CPU protections like Supervisor Mode Access (and Execute) Prevention (SMAP and SMEP) by finding a way to write to CPU control registers to disable these features. For example, CR4 controls SMAP and SMEP, where disabling those would let an attacker access and execute userspace memory from kernel code again, opening up the attack to much greater flexibility. CR0 controls Write Protect (WP), which when disabled would allow an attacker to write to read-only memory like the kernel code itself. Attacks have been using the kernel's CR4 and CR0 writing functions to make these changes (since it's easier to gain that level of execute control), but now the kernel will attempt to 'pin' sensitive bits in CR4 and CR0 to avoid them getting disabled. This forces attacks to do more work to enact such register changes going forward."
    2:42p
    Security updates for Friday
    Security updates have been issued by CentOS (kernel), Debian (ghostscript, mesa, and postgresql-common), Fedora (chromium, php-robrichards-xmlseclibs, php-robrichards-xmlseclibs3, samba, scap-security-guide, and wpa_supplicant), Mageia (cpio, fribidi, libapreq2, python-numpy, webkit2, and zeromq), openSUSE (ImageMagick, kernel, libtomcrypt, qemu, ucode-intel, and xen), Oracle (kernel), Red Hat (ghostscript, kernel, and kernel-rt), Scientific Linux (ghostscript and kernel), SUSE (bash, enigmail, ghostscript, ImageMagick, kernel, libjpeg-turbo, openconnect, and squid), and Ubuntu (ghostscript, imagemagick, and postgresql-common).
    7:46p
    [$] Keeping memory contents secret
    One of the many responsibilities of the operating system is to help processes keep secrets from each other. Operating systems often fail in this regard, sometimes due to factors — such as hardware bugs and user-space vulnerabilities — that are beyond their direct control. It is thus unsurprising that there is an increasing level of interest in ways to improve the ability to keep data secret, perhaps even from the operating system itself. The MAP_EXCLUSIVE patch set from Mike Rapoport is one example of the work that is being done in this area; it also shows that the development community has not yet really begun to figure out how this type of feature should work.

