Re: Protecting against kernel NULL-pointer derefs
Pieter de Boer <pieter@thedarkside.nl> writes:
> Given the amount of NULL-pointer dereference vulnerabilities in the
> FreeBSD kernel that have been discovered of late,
Specify "amount" and define "of late".
> By disallowing userland to map pages at address 0x0 (and a bit beyond),
> it is possible to make such NULL-pointer deref bugs mere DoS'es instead
> of code execution bugs. Linux has implemented such a protection for a
> long while now, by disallowing page mappings on 0x0 - 0xffff.
Yes, that really worked out great for them:
http://isc.sans.org/diary.html?storyid=3D6820
DES
--=20
Dag-Erling Sm=C3=B8rgrav - des@des.no
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 3 之 22 篇):