On Tue, 2017-04-25 at 12:09:41 UTC, Michael Ellerman wrote:
> The recent patch to add runtime configuration of the ASLR limits added a bug in
> arch_mmap_rnd() where we may shift an integer (32-bits) by up to 33 bits,
> leading to undefined behaviour.
>
> In practice it exhibits as every proces

On Tue, Apr 25, 2017 at 5:09 AM, Michael Ellerman wrote:
> The recent patch to add runtime configuration of the ASLR limits added a bug in
> arch_mmap_rnd() where we may shift an integer (32-bits) by up to 33 bits,
> leading to undefined behaviour.
>
> In practice it exhibits as every process s

The recent patch to add runtime configuration of the ASLR limits added a bug in
arch_mmap_rnd() where we may shift an integer (32-bits) by up to 33 bits,
leading to undefined behaviour.

In practice it exhibits as every process seg faulting instantly, presumably
because the rnd value hasn't been re