[$] Enhancing FineIBT
Date:
Fri, 10 Oct 2025 14:32:27 +0000
Description:
At the Linux
Security Summit Europe (LSS EU), Scott Constable and Sebastian
sterlund gave a talk on an enhancement to a control-flow integrity (CFI) protection that was added to the kernel several years ago. The " FineIBT: Fine-grain Control-flow
Enforcement with Indirect Branch Tracking " mechanism was merged for
Linux 6.2 in early 2023 to harden the kernel against CFI attacks of various sorts, but needed some fixes and
enhancements more recently. The talk looked at the CFI vulnerability
problem, FineIBT, and an enhanced version that is hoped to be able to unify
all of the disparate hardware and software mitigations to address both
regular and speculative CFI vulnerabilities.
======================================================================
Link to news story:
https://lwn.net/Articles/1039633/
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)