subject:"Bug#1016056\: src\:linux\: Please enable CONFIG_RANDOMIZE_KSTACK_OFFSET

Bug#1016056: src:linux: Please enable CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y

2022-07-26 Thread Diederik de Haas

On dinsdag 26 juli 2022 10:27:24 CEST intrigeri wrote:
> Original pull request:
> https://lkml.iu.edu/hypermail/linux/kernel/2104.3/01302.html

https://lore.kernel.org/all/20210401232347.2791257-1-keesc...@chromium.org/ 
seems to be the corresponding link on 'lore'.

signature.asc
Description: This is a digitally signed message part.

Bug#1016056: src:linux: Please enable CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y

2022-07-26 Thread intrigeri

Source: linux
Version: 5.18.14-1
Severity: wishlist
User: tails-...@boum.org
Usertags: hardening

Hi!

Please consider setting CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y
(5.13 or newer).

This enables a security feature with low performance overhead.

Original pull request:
https://lkml.iu.edu/hypermail/linux/kernel/2104.3/01302.html

Ubuntu 22.04 LTS has this setting enabled by default.

KSPP recommends enabling it:
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings

Thanks for your attention,
cheers!
-- 
intrigeri

Bug#1016056: src:linux: Please enable CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y

Bug#1016056: src:linux: Please enable CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y

2 matches

Site Navigation

Mail list logo

Footer information