About
Stack clash is an exploit which utilized large frame allocations to "jump the guard page" creating a scenario where the heap and stack collided under attacker control. This can be used to gain full control of a vulnerable application. Stack probing techniques can be used to mitigate the vast majority of vulnerabilities in this space, but implementing them requires significant work for each and every target to be supported.
Stack class mitigations are a soft requirement for distributions such as Fedora and a hard requirement for Red Hat Enterprise Linux.
Work has not started, but yet, but likely will start before the end of the summer.
Stakeholders/Partners
RISE:
Ventana:
External:
Dependencies
Status
Updates
- Note Stakeholders/Partners in a consistent way
– Dates on or before June 1 are approximate
- Project reported as priority for 2H23