Comment 9 for bug 275493

Kees Cook (kees) wrote : Re: [Bug 275493] Re: stack protector guard value uses a static sentinel

Yes, the recent dhclient stack buffer overflow[1][2] used memcpy, not
strcpy, making this an issue for Hardy. There is evidence that attacks
were built against Ubuntu Hardy that took into account the static guard
value, which would have been stopped if the value was correctly
randomized.

Given that similar issues may again happen, I feel it is best to make
sure this protection is fixed for Hardy.

[1] http://www.ubuntu.com/usn/usn-803-1
[2] http://www.debian.org/security/2009/dsa-1833
[3] http://lists.immunitysec.com/pipermail/dailydave/2009-July/005829.html