Ubuntu
linux package

[19.10 FEAT] kernel address space layout randomization

Bug #1832626 reported by bugproxy
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
High
Frank Heimes
linux (Ubuntu)
Fix Released
Undecided
Skipper Bug Screeners

Bug Description

With kernel address space layout randomization (KASLR), the kernel can be loaded to a random location
in memory.

Protecting against certain attacks that rely on knowledge of the kernel addresses.

Available with kernel 5.2

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-178130 severity-high targetmilestone-inin1910
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Andrew Cloke (andrew-cloke)
Changed in ubuntu-z-systems:
importance: Undecided → High
assignee: nobody → Canonical Kernel Team (canonical-kernel-team)
assignee: Canonical Kernel Team (canonical-kernel-team) → nobody
assignee: nobody → Frank Heimes (frank-heimes)
Revision history for this message
Frank Heimes (fheimes) wrote :

Set to Incomplete until kernel 5.2 lands in eoan.

Changed in ubuntu-z-systems:
status: New → Incomplete
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2019-07-10 07:57 EDT-------
Git Commit for kernel 5.2 :
https://github.com/torvalds/linux/commit/cd479eccd2

Revision history for this message
Frank Heimes (fheimes) wrote :

$ rmadison --arch=s390x linux-generic | grep eoan-proposed
 linux-generic | 5.2.0.8.9 | eoan-proposed | s390x
$ git tag --contains cd479eccd2
Ubuntu-5.2.0-8.9
v5.2
$ git show cd479eccd2
commit cd479eccd2e057116d504852814402a1e68ead80
Author: Martin Schwidefsky <email address hidden>
Date: Mon Mar 4 12:33:28 2019 +0100

    s390: limit brk randomization to 32MB

    For a 64-bit process the randomization of the program break is quite
    large with 1GB. That is as big as the randomization of the anonymous
    mapping base, for a test case started with '/lib/ld64.so.1 <exec>'
    it can happen that the heap is placed after the stack. To avoid
    this limit the program break randomization to 32MB for 64-bit and
    keep 8MB for 31-bit.

    Reported-by: Stefan Liebler <email address hidden>
    Signed-off-by: Martin Schwidefsky <email address hidden>

With that changing status to Fix Committed.

Changed in linux (Ubuntu):
status: New → Fix Committed
Changed in ubuntu-z-systems:
status: Incomplete → Fix Committed
information type: Private → Public
Revision history for this message
Frank Heimes (fheimes) wrote :

Since kernel 5.2 eventually landed in eoan's release pocket:
  linux-generic | 5.2.0.8.9 | eoan | s390
I'm changing this LP ticket to Fix Released.

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Changed in ubuntu-z-systems:
status: Fix Committed → Fix Released
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-07-16 06:30 EDT-------
IBM bugzilla status -> closed, Fix Released with Eoan

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.