Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

About

Stack clash is an exploit which utilized large frame allocations to "jump the guard page" creating a scenario where the heap and stack collided under attacker control.  This can be used to gain full control of a vulnerable application.  Stack probing techniques can be used to mitigate the vast majority of vulnerabilities in this space, but implementing them requires significant work for each and every target to be supported.


Stack class mitigations are a soft requirement for distributions such as Fedora and a hard requirement for Red Hat Enterprise Linux.


Work has not started, but yet, but likely will start before the end of the summer. 



Stakeholders/Partners

RISE:

Ventana: Jeff Law



External:


Dependencies


Status

Development

IN PROGRESS


Development TimelineNA
Upstreaming

NOT STARTED


Upstream Version





Contacts

Jeff Law (Ventana)


Dependencies

None



Updates

 

  • Project reported as priority for 1H2024.


  • No labels