This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug nptl/22850] Stack protector bypass via overwrite to TCB


https://sourceware.org/bugzilla/show_bug.cgi?id=22850

Carlos O'Donell <carlos at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Stack protector easy to     |Stack protector bypass via
                   |bypass                      |overwrite to TCB

--- Comment #3 from Carlos O'Donell <carlos at redhat dot com> ---
(In reply to Ilya Smith from comment #2)
> If I understand correct from here
> https://sourceware.org/glibc/wiki/Bugzilla%20Procedures, flag security-
> means non security bug. But this one is about SECURITY. So in my opinion
> this issue is security+.

Please review this document:
https://sourceware.org/glibc/wiki/Security%20Process#What_is_a_security_bug.3F

For this to be a security bug it has to meet the criteria we set out in that
process for classifying security defects.

As of today this issue is *not* considered a security issue, it is a
post-attack mitigation, and we try to make that distinction very clear. We
absolutely want to fix this, and improve the hardening the library has, but it
must be weighed against other work that is being done in the project.

Yes, overall, we discuss these issues under the broader umbrella term of
"security", but we try to categorize our response based on exactly how the flaw
plays into the various phases of attack or post-attack.

I hope this explanation helps.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]