A deep dive into Linux's new mseal syscall
By Alan Cao

If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond…
mseal digresses from prior memory protection schemes on Linux because it is a syscall tailored specifically for exploit mitigation against remote attackers seeking code execution rather than potentially local ones looking to exfiltrate sensitive secrets in-memory.

Hardening NX

Even with the continued existence of code reuse techniques like ROP, attackers may prefer to gain shellcoding capability during exploitation; this can provide a stable and “easy win,” especially if constraints are imposed on the gadget chain.

A simple strategy to accommodate real-world software could involve sparingly introducing a macro-ized version of the mseal code snippet and iteratively sealing pages in select stack frames where untrusted data could reside for exploitation:
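The article's own snippet is not included on this page. As an added example (not the author's code), the C program below shows the idea of a sealing macro: it seals the pages that hold a buffer of untrusted data and then checks that a later attempt to make them executable or unmap them is refused. The names `SEAL_PAGES`, `seal_range` and `demo_seal_blocks_exec` are hypothetical, and an anonymous mapping stands in for a stack frame so the program is safe to run.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef __NR_mseal
#define __NR_mseal 462 /* mseal syscall number, added in Linux 6.10 */
#endif

/* Hypothetical helper macro: seal every page overlapping [p, p + len). */
#define SEAL_PAGES(p, len) seal_range((uintptr_t)(p), (len))

static long seal_range(uintptr_t addr, size_t len) {
    uintptr_t pg = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = addr & ~(pg - 1);                /* round down */
    uintptr_t end = (addr + len + pg - 1) & ~(pg - 1); /* round up */
    return syscall(__NR_mseal, (void *)start, (size_t)(end - start), 0UL);
}

/* Returns 0 if the seal blocked later changes, 1 if mseal is not
 * available on this kernel, -1 on an unexpected result. */
int demo_seal_blocks_exec(void) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    char *buf = mmap(NULL, pg, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    memset(buf + 16, 0x41, 64); /* constructed stand-in for untrusted input */

    if (SEAL_PAGES(buf + 16, 64) != 0) { /* pre-6.10, 32-bit, or filtered */
        munmap(buf, pg);
        return 1;
    }
    /* The permission change a sealed data page must refuse
     * (normally with EPERM): read/write becoming executable. */
    int exec_refused = mprotect(buf, pg, PROT_READ | PROT_WRITE | PROT_EXEC) == -1;
    /* Unmapping is refused as well, so the page cannot be replaced
     * by a fresh executable mapping at the same address. */
    int unmap_refused = munmap(buf, pg) == -1;
    return (exec_refused && unmap_refused) ? 0 : -1;
}

int main(void) {
    int r = demo_seal_blocks_exec();
    puts(r == 0 ? "sealed: mprotect and munmap refused"
                : r == 1 ? "mseal not available on this kernel" : "unexpected result");
    return r < 0;
}
```

A sealed mapping stays sealed for the life of the process, which is why the article suggests applying such a macro sparingly.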