20223 – libio: Implement vtable validation

Bug 20223 - libio: Implement vtable validation

Summary: libio: Implement vtable validation

Status:	RESOLVED DUPLICATE of bug 20191

Alias:	None

Product:	glibc
Classification:	Unclassified
Component:	libc (show other bugs)
Version:	2.24

Importance:	P2 normal
Target Milestone:	---
Assignee:	Florian Weimer

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-06-08 12:24 UTC by Florian Weimer
Modified:	2016-06-09 12:22 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Flags:	fweimer: security-

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Florian Weimer 2016-06-08 12:24:47 UTC

There is a well-documented exploit technique which involves writing pointers to custom vtables for the stdio streams, thus hijacking code execution.

By default, we should reject invalid vtables.  For backwards compatibility with really old binaries (from the GCC 2.95 era), we need to provide some way to disable this hardening on demand.

Further background information about the libio ABI is available here:

  https://sourceware.org/glibc/wiki/LibioVtables

This is just additional security hardening (despite existing exploits), so I'm flagging this issue as security-.

Comment 1 Florian Weimer 2016-06-09 12:22:43 UTC

Not sure what I was thinking ...

*** This bug has been marked as a duplicate of bug 20191 ***