This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Stack protector: leak of guard's address on stack

From: Florian Weimer <fw at deneb dot enyo dot de>
To: Maxim Kuvyrkov <maxim dot kuvyrkov at linaro dot org>
Cc: Thomas Preudhomme <thomas dot preudhomme at linaro dot org>, Jakub Jelinek <jakub at redhat dot com>, gcc at gcc dot gnu dot org
Date: Tue, 01 May 2018 15:37:31 +0200
Subject: Re: Stack protector: leak of guard's address on stack
References: <CAKnkMGsEPiRoKBHEJVrnHbGLNx-7gZk0Kt7uqJRMZgQD1Uh=Wg@mail.gmail.com> <20180427121601.GT8577@tucnak> <CAKnkMGsgfApCWmLfsGfFrHejR4xLotx4B1wUX8XAAo=ceh+EoQ@mail.gmail.com> <20180427122204.GU8577@tucnak> <CAKnkMGtZyZojdWkFH91TS9Hy2knttesSfcFNRdakOSjb3r03AQ@mail.gmail.com> <20180427133845.GV8577@tucnak> <CAKnkMGsJ1CkpZCJjcvVgS=RNgr_fui8jrUagxc5KA8srxMWetg@mail.gmail.com> <87y3h76vig.fsf@mid.deneb.enyo.de> <94B2316C-48EA-41AC-AED6-C7ACBBD628FE@linaro.org> <87muxm2rny.fsf@mid.deneb.enyo.de> <7132E024-182D-4A0F-859C-299CC9B5DBA8@linaro.org>

* Maxim Kuvyrkov:

> The problem is fairly target-dependent, so architecture maintainers
> need to look at how stack-guard canaries and their addresses are
> handled and whether they can be spilled onto stack.
>
> It appears we need to poll architecture maintainers before filing the CVE.

One CVE ID by identified affected architecture would work as well.
MITRE cares about affected software *versions* as well, and since the
targets were added at different GCC versions (or stack protector
support was added), the CVE IDs should be split in most cases anyway.

References:
- Re: Stack protector: leak of guard's address on stack
  - From: Maxim Kuvyrkov

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]