x86 KASLR base exposed due to lack of entry trampoline (EntryBleed, CVE-2022-4543) #361

@kees

https://www.willsroot.io/2022/12/entrybleed.html

From v4.20 on, after KPTI was implemented, which had a fixed-location syscall entry trampoline, the trampoline was removed. This exposes the actual kernel mapping address via prefetch, etc. We need to restore this trampoline.

Metadata

    Labels

    [ARCH] x86_64: Needed on the 64-bit x86 architecture (ARCH=x86)
    [Defense] information exposure: Provide a defense for an information exposure
