similar to: Question about Rowhammer Mitigation

Hey All, [NOTE: crossposting between freebsd-current@, freebsd-security@, and freebsd-stable at . Please forgive me if crossposting is frowned upon.] Address Space Layout Randomization, or ASLR for short, is an exploit mitigation technology. It helps secure applications against low-level exploits. A popular secure implementation is known as PaX ASLR, which is a third-party patch for Linux. Our

Hey All, [NOTE: crossposting between freebsd-current@, freebsd-security@, and freebsd-stable at . Please forgive me if crossposting is frowned upon.] Address Space Layout Randomization, or ASLR for short, is an exploit mitigation technology. It helps secure applications against low-level exploits. A popular secure implementation is known as PaX ASLR, which is a third-party patch for Linux. Our

On Fri, Jan 5, 2018 at 12:51 AM Leslie Zhai via llvm-dev < llvm-dev at lists.llvm.org> wrote: > Hi LLVM developers, > > Does it need to implement <Target>RetpolineThunksPass, > `getOpcodeForRetpoline`, `EmitLoweredRetpoline`, etc. for other Targets? > Or does it also need to implement `RetpolinePic` to inherit from > <Target> for LLD's Backends? Alex is my

Thanks for the notification, Chandler. I also wanted to note that I’ve just posted another component for Spectre mitigation (variant 1), see https://reviews.llvm.org/D41760 and https://reviews.llvm.org/D41761. I believe this is completely complementary to the retpoline mitigation you pointed to at https://reviews.llvm.org/D41723#, which is targeted at mitigating variant 2. Thanks, Kristof On 4

https://bugzilla.mindrot.org/show_bug.cgi?id=3656 Bug ID: 3656 Summary: How to fix row hammer attacks? Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component: sshd Assignee: unassigned-bugs at mindrot.org

FYI to all: I've updated the design document to include the newly disclosed variants 1.1 and 1.2 (collectively called Bounds Check Bypass Store or BCBS). There is no change to the proposed implementation which can already robustly mitigate these variants. I've also updated my patch as we have very significant interest in getting at least an early "beta" version of this into the

Just a heads up that I'm seeing major stability problems on these builds. Didn't have console capture setup unfortunately, but have seen my test hypervisor hard lock twice over the weekend. This is with xpti being used, rather than the shim. Cheers, Nathan > -----Original Message----- > From: CentOS-virt [mailto:centos-virt-bounces at centos.org] On Behalf Of > George Dunlap

Awesome, replied. We've been working on similar things, but didn't have them ready-to-publish due to slightly lower urgency (there are reasonable ways to locally mimic these kinds of things in sensitive areas like the Linux kernel, and even finding code patterns for variant #1 is substantially harder). We have some significantly different APIs we'd like to discuss here based on

Hi everyone! I want to clarify the purpose and design of SESES. Thus far, I've characterized it as an LVI mitigation which is somewhat incorrect. SESES was built as a "big hammer." It is intended to protect against many side channel vulnerabilities (Spectre v1, Spectre v4, LVI, etc, etc) even though it was built in response to LVI. For folks protecting against LVI, this is an

Hi Chandler, Thank you very much for sharing this! The RFC is pretty lengthy but the far majority of it makes sense to me. I’m sure I’m forgetting to react to some aspects below, but I thought I’d summarize some initial thoughts and questions I had after reading the RFC end-to-end. * I believe the same high-level principles you outline can also be used to implement the same protection on the

I'm also a bit unclear on that point. I think one input here has to be: what are some example, existing codebases we want to mitigate, and what should the user experience be to mitigate them? I don't think we can make good engineering tradeoffs without having concrete use cases to evaluate. Another point: it seems some mitigation options have already been added to the GNU toolchain

There was one open issue that i landed the fix for today. I was letting bots clear out before i ping you with the patch series to merge. On Thu, Feb 1, 2018 at 1:11 AM Hans Wennborg <hans at chromium.org> wrote: > Hi all, > > I saw the retpoline mitigation landed in r323155. Are we ready to merge > this to 6.0, or are there any open issues that we're waiting for? Also,

Am 24.05.2017 um 17:50 schrieb Jeremy Allison via samba: > Here are some mitigation techniques from Red Hat in > case servers cannot be patched immediately: > 2. Mount the filessytem which is used by samba for its writeable share, > using "noexec" option. I would have expected this to be standard security precaution on all pure file servers (which is probably the most

On Fri, Feb 2, 2018 at 5:56 PM Guenter Roeck <linux at roeck-us.net> wrote: > On 02/02/2018 04:27 PM, Chandler Carruth wrote: > > On Fri, Feb 2, 2018 at 4:23 PM Chandler Carruth <chandlerc at google.com > <mailto:chandlerc at google.com>> wrote: > > > > On Fri, Feb 2, 2018 at 4:03 PM David Woodhouse <dwmw2 at infradead.org > <mailto:dwmw2 at

Thanks George. As there are now quite many options to choose from, what would be the best option performance wise for running 32bit domUs under xen-4.6? Best, Peter On Wed, Jan 17, 2018 at 7:14 PM, George Dunlap <dunlapg at umich.edu> wrote: > I've built & tagged packages for CentOS 6 and 7 4.6.6-9, with XPTI > "stage 1" Meltdown mitigation. > > This will

> -----Original Message----- > From: CentOS-virt [mailto:centos-virt-bounces at centos.org] On Behalf Of > Peter Peltonen > Sent: Thursday, January 18, 2018 11:19 AM > To: Discussion about the virtualization on CentOS <centos-virt at centos.org> > Subject: Re: [CentOS-virt] Xen 4.6.6-9 (with XPTI meltdown mitigation) > packages making their way to centos-virt-xen-testing

On 3/28/2019 7:42 AM, Aki Tuomi via dovecot wrote: > olution: > Operators should update to the latest Patch Release. The only workaround > is to disable FTS and pop3-uidl plugin. Hi Aki, thanks for the CVE.? For quick mitigation, can you confirm how to disable these plugins and what they provide?? We'd like to assess if we are using them while we rollout the fix. Regards, KAM

Hi all, I understand how the speculative information flow attack works. I'm trying get my head around the spectre v1 mitigation of LLVM. In the design document here : https://llvm.org/docs/SpeculativeLoadHardening.html#speculative-load-hardening. <https://llvm.org/docs/SpeculativeLoadHardening.html#speculative-load-hardening> Example: void leak(int data);void example(int* pointer1,

On Aug 26, 2013, at 2:39 PM, Stephen Crane <sjcrane at uci.edu> wrote: > We have been working on adding randomness into code generation > to create a diverse population of binaries. This diversity prevents > code-reuse attacks such as return-oriented-programming (ROP) by > denying the attacker information about the exact code layout. Putting on my security hat (as opposed to

Asterisk Project Security Advisory - AST-2015-002 Product Asterisk Summary Mitigation for libcURL HTTP request injection vulnerability Nature of Advisory HTTP request injection Susceptibility Remote