≡ Menu

memory corruption

Debian project today released a pair of security updates to plug at least ten security holes in its core called Linux kernel. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. This update has been rated as having important security impact.
[click to continue…]

Since version 4.3, gcc changed its behavior concerning the x86/x86-64 ABI and the direction flag, that is it now assumes that the direction flag is cleared at the entry of a function and it doesn't clear once more if needed. According to LWN article GCC 4.3.0 exposes a kernel bug:

A change to GCC for a recent release coupled with a kernel bug has created a messy situation, with possible security implications. GCC changed some assumptions about x86 processor flags, in accordance with the ABI standard, that can lead to memory corruption for programs built with GCC 4.3.0. No one has come up with a way to exploit the flaw, at least yet, but it clearly is a problem that needs to be addressed.

=> GCC 4.3.0 exposes a kernel bug (via ./)