No remote exploits for #stackclash? CVE-2012-5976 thread->thread "stackclash"... I guess we should have given it a painfully cheesy name
I was disappointed that I couldn't build the kernel with "-Werror=vla" https://lkml.org/lkml/2017/5/12/593
-
Yeah looked through all of the VLAs and alloca calls used in AOSP on the Nexus 5X so have some awareness of how many there are (surprising).
-
One accepted as a vulnerability for a bounty: https://android.googlesource.com/platform/hardware/ril/+/95610818918f6f11fe7d23aca1380e6c0fac2af0. Don't think there were others that they accepted as valid vulns.
-
There was an exploitable one in keymaster but it was rejected because the hmac impl was unused on Nexus devices. Not necessarily elsewhere.
-
On the positive side it had already been rewritten to be less bad in master and that's shipped in Android N IIRC, but there was no backport.
-
Still have some migration away from using VLAs but wasn't sure that there would be any interest so didn't submit or bother maintaining most.