Summary: | Thread stack and heap caches | ||
---|---|---|---|
Product: | glibc | Reporter: | Ilya Smith <blackzert> |
Component: | nptl | Assignee: | Not yet assigned to anyone <unassigned> |
Status: | UNCONFIRMED --- | ||
Severity: | normal | CC: | blackzert, carlos, drepper.fsp, fweimer, he.dian1 |
Priority: | P2 | Flags: | fweimer:
security-
|
Version: | unspecified | ||
Target Milestone: | --- | ||
See Also: | https://bugzilla.redhat.com/show_bug.cgi?id=1546605 | ||
Host: | Target: | ||
Build: | Last reconfirmed: |
Description
Ilya Smith
2018-02-16 12:09:35 UTC
Flagging as security- because this is a request for additional hardening. Hello, Can you please explain me what exactly this hardening is? If this hardening of security, this should be a security bug, But if you think something different, please explain me. From my point of view this bug only about security because lead to ASLR bypass or in some cases may be used as exploitation technique. One way to harden is to use a tunable for a thread stack cache, and set that to zero. hello, I would like to ask why so far this bug has not been fixed in glibc |