Comment 0 for bug 1337339

John Johansen (jjohansen) wrote :

Don't allow ptrace to set RIP to a value that couldn't happen by
ordinary control flow. There are CPU bugs^Wfeatures that can have
interesting effects if RIP is non-canonical.

I didn't make the corresponding x86_32 change, since x86_32 has no
concept of canonical addresses.

putreg32 doesn't need this fix: value is only 32 bits, so it can't
be non-canonical.

Fixes CVE-2014-4699. There are arguably still bugs here, but this
fixes the major issue.
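The check the comment describes, written out as an added example in C; this is not the kernel's putreg code or anything from the bug report, only a model of it. It assumes the 48-bit virtual address layout of x86_64 with 4-level paging (bits 63..47 must all equal bit 47), a made-up `struct model_regs` standing in for the tracee's saved registers, and a constructed `MODEL_USER_LIMIT` as the top of the user half; `-EIO` is the reject code chosen for this model.

```c
#include <errno.h>
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* x86_64 with 4-level paging has 48-bit virtual addresses: bits 63..47 must
 * all equal bit 47 (sign extension). Any other value is non-canonical and
 * can never be reached by ordinary control flow. (Assumed layout.) */
#define X86_64_VA_BITS 48

bool is_canonical_x86_64(uint64_t addr)
{
    /* Bits 63..47 form a 17-bit field that must be all-zero or all-one. */
    uint64_t top = addr >> (X86_64_VA_BITS - 1);
    uint64_t all_ones = (1ULL << (64 - X86_64_VA_BITS + 1)) - 1; /* 0x1ffff */
    return top == 0 || top == all_ones;
}

/* Assumed boundary of the user half in this model (stand-in, not the
 * kernel's own constant). */
#define MODEL_USER_LIMIT (1ULL << (X86_64_VA_BITS - 1))

/* Minimal stand-in for the tracee's saved register set. */
struct model_regs {
    uint64_t ip;
};

/* Model of the register write a ptrace SETREGS/POKEUSER ends up doing for
 * RIP. Returns 0 when the value is stored, -EIO when it is rejected; on
 * rejection regs->ip is left untouched. */
int model_putreg_ip(struct model_regs *regs, uint64_t value)
{
    if (!is_canonical_x86_64(value))
        return -EIO;            /* the case the comment describes */
    if (value >= MODEL_USER_LIMIT)
        return -EIO;            /* stricter assumption: a tracee never resumes in kernel text */
    regs->ip = value;
    return 0;
}

int main(void)
{
    /* Constructed sample values: a user address, a kernel-half address,
     * and three non-canonical values. */
    const uint64_t samples[] = {
        0x00007ffffffff000ULL, 0xffffffff81000000ULL,
        0x0000800000000000ULL, 0x8000000000000000ULL, 0xffff7fffffffffffULL,
    };
    struct model_regs regs = { .ip = 0x401000 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int rc = model_putreg_ip(&regs, samples[i]);
        printf("0x%016" PRIx64 ": canonical=%d putreg=%s ip=0x%" PRIx64 "\n",
               samples[i], is_canonical_x86_64(samples[i]),
               rc == 0 ? "ok" : "-EIO", regs.ip);
    }
    return 0;
}
```

The shift-based test avoids left-shifting a signed value (undefined in C) and makes the two accepted bit patterns explicit; the second check in `model_putreg_ip` is the stricter user-only policy, kept separate so the minimal canonical check the comment calls for is visible on its own.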