Linux Security Hardening Cache Randomization Was Inadvertently Using The Same Seed
Ahead of the upcoming Linux 6.15 kernel cycle, a few early pull requests have already been sent in to Linus Torvalds in advance of the anticipated v6.14 release on Sunday.
CONFIG_RANDOM_KMALLOC_CACHES creates multiple copies of slab caches and makes kmalloc randomly pick one based on the code address in order to help fend off memory vulnerability exploits. Gong Ruiqi of Huawei, who worked out the solution to the issue, explained: "That literally means all kmalloc invoked via kvmalloc would use the same seed for cache randomization (CONFIG_RANDOM_KMALLOC_CACHES), which makes this hardening non-functional. The root cause of this problem, IMHO, is that using RET_IP only cannot identify the actual allocation site in case of kmalloc being called inside non-inlined wrappers or helper functions."
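The failure mode described in the quote can be reproduced in a small user-space C model. This is an added example, not kernel code and not taken from the article or the patch. The 16-cache count, the multiplicative hash, the seed value and the names `pick_cache`, `kmalloc_ret_ip`, `kvmalloc_ret_ip` and `collect_ret_ips` are assumptions made for illustration.

```c
/* Added example: user-space model of caller-keyed kmalloc cache selection. */
#include <stdint.h>
#include <stdio.h>

#define NR_CACHES_LOG2 4 /* assumption: 16 cache copies in this model */

/* Assumption: a 64-bit multiplicative hash stands in for the kernel's hash. */
static unsigned pick_cache(uint64_t caller, uint64_t seed)
{
    return (unsigned)(((caller ^ seed) * 0x61C8864680B583EBull)
                      >> (64 - NR_CACHES_LOG2));
}

/* Models the out-of-line kmalloc entry: it only sees its own return address. */
__attribute__((noinline)) static uint64_t kmalloc_ret_ip(void)
{
    __asm__ volatile("" ::: "memory"); /* keep calls from being merged */
    return (uint64_t)(uintptr_t)__builtin_return_address(0);
}

/* Models a non-inlined wrapper such as kvmalloc: one fixed inner call site. */
__attribute__((noinline)) static uint64_t kvmalloc_ret_ip(void)
{
    uint64_t ip = kmalloc_ret_ip();
    __asm__ volatile("" ::: "memory"); /* keep this from becoming a tail call */
    return ip;
}

/* Two direct allocation sites, then two sites that go through the wrapper. */
void collect_ret_ips(uint64_t ip[4])
{
    ip[0] = kmalloc_ret_ip();
    ip[1] = kmalloc_ret_ip();
    ip[2] = kvmalloc_ret_ip();
    ip[3] = kvmalloc_ret_ip();
}

int main(void)
{
    uint64_t ip[4], seed = 0x5eed5eed5eed5eedull; /* constructed seed */
    collect_ret_ips(ip);
    for (int i = 0; i < 4; i++)
        printf("%s site %d: ret_ip=%#llx cache=%u\n", i < 2 ? "direct " : "wrapped",
               i % 2, (unsigned long long)ip[i], pick_cache(ip[i], seed));
    return 0;
}
```

Both wrapped sites report the same return address, so they land in the same cache for every seed, while the two direct sites are keyed on distinct addresses.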