• Defeating KASLR by Doing Nothing at All (Project Zero)

    From LWN.net@1337:1/100 to All on Tue Nov 4 00:00:08 2025
    Date:
    Mon, 03 Nov 2025 23:59:24 +0000

    Description:
    The Project Zero blog explains that, on 64-bit Arm systems, the kernel's direct map is always placed at
    the same virtual location, regardless of whether kernel address-space
    layout randomization (KASLR) is enabled. While it remains true that KASLR should not be trusted to prevent
    exploitation, particularly in local contexts, it is regrettable
    that the attitude around Linux KASLR is so fatalistic that putting
    in the engineering effort to preserve its remaining integrity is
    not considered to be worthwhile. The joint effect of these two
    issues dramatically simplified what might otherwise have been a
    more complicated and likely less reliable exploit.

    ======================================================================
    Link to news story:
    https://lwn.net/Articles/1044867/


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)