Re: [PATCH v2 1/5] binfmt_elf: Use ELF_ET_DYN_BASE only for PIE

2017-06-24 Thread Kees Cook
On Fri, Jun 23, 2017 at 1:59 PM, Kees Cook wrote:
> For 32-bit tasks when RLIMIT_STACK is set to RLIM_INFINITY, programs
> are loaded below the mmap region. This means they can be made to collide
> (CVE-2017-1000370) or nearly collide (CVE-2017-1000371) with pathological
>

[PATCH v2 1/5] binfmt_elf: Use ELF_ET_DYN_BASE only for PIE

2017-06-23 Thread Kees Cook
The ELF_ET_DYN_BASE position was originally intended to keep loaders away from ET_EXEC binaries. (For example, running "/lib/ld-linux.so.2 /bin/cat" might cause the subsequent load of /bin/cat into where the loader had been loaded.) With the advent of PIE (ET_DYN binaries with an INTERP Program