I did see the note that this has not been demonstrated in a real-world scenario and that ASLR is also a mitigation approach. I was wondering if the team had considered the pattern match recommendation in the paper. Would this approach cause any compatibility issues? Or does the OpenSSH team saw any other concerns in implementing those changes? Thank you, Alex
Reasonably Related Threads
- [CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
- [CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
- FYI, we've posted a component of Spectre mitigation on llvm-commits
- FYI, we've posted a component of Spectre mitigation on llvm-commits
- RFC: Speculative Load Hardening (a Spectre variant #1 mitigation)