On Mon, Jan 15, 2018 at 6:42 AM, Arjan van de Ven <ar...@linux.intel.com> wrote:
>>
>> This would mean that userspace would see return predictions based
>> on the values the kernel 'stuffed' into the RSB to fill it.
>>
>> Potentially this leaks a kernel address to userspace.
>
>
> KASLR pretty much died in May this year to be honest with the KAISER paper
> (if not before then)

KASLR was always on shaky ground for local attacks. For pure remote
attacks, it's still useful. And for driving forward research, it
appears to be quite useful. ;)

-Kees

--
Kees Cook
Pixel Security