• [$] May the FOLL_FORCE not be with you

    From LWN.net@1337:1/100 to All on Friday, July 26, 2024 15:30:04
    [$] May the FOLL_FORCE not be with you

    Date:
    Fri, 26 Jul 2024 14:19:23 +0000

    Description:
    One of the simplest hardening concepts to understand is that memory should never be both writable and executable, otherwise an attacker can use it to
    load and run arbitrary code. That rule is generally followed in Linux
    systems, but there is a glaring loophole that is exploitable from user
    space to inject code into a running process. Attackers have duly exploited
    it. A new effort to close the hole ran into trouble early in the merge
    window, but a solution may yet be found in time for the 6.11 kernel
    release.

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/983169/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)