Bug#756898: linux: please protect the kernel against stack attacks

To: Debian BTS submission <submit@bugs.debian.org>
Subject: Bug#756898: linux: please protect the kernel against stack attacks
From: Laurent Bonnaud <L.Bonnaud@laposte.net>
Date: Sun, 03 Aug 2014 11:42:21 +0200
Message-id: <[🔎] 53DE03FD.8040708@laposte.net>
Reply-to: Laurent Bonnaud <L.Bonnaud@laposte.net>, 756898@bugs.debian.org

Package: linux
Version: 3.14.13-2
Severity: wishlist


Hi,

the Linux kernel in Debian is currently not protected against stack attacks:

$ grep STACKPROTECTOR /boot/config-3.14-2-amd64
CONFIG_HAVE_CC_STACKPROTECTOR=y
# CONFIG_CC_STACKPROTECTOR is not set
CONFIG_CC_STACKPROTECTOR_NONE=y
# CONFIG_CC_STACKPROTECTOR_REGULAR is not set
# CONFIG_CC_STACKPROTECTOR_STRONG is not set

Here is a good reference on the topic:

  https://lkml.org/lkml/2013/12/20/180

So could you please activate one of those options ?

CONFIG_CC_STACKPROTECTOR_REGULAR can be activated now with gcc 4.8.
CONFIG_CC_STACKPROTECTOR_STRONG can be activated once gcc 4.9 is used
the compile the kernel.

-- 
Laurent.

Reply to:

Follow-Ups:
- Bug#756898: linux: please protect the kernel against stack attacks
  - From: Ben Hutchings <ben@decadent.org.uk>
- Processed: Re: Bug#756898: linux: please protect the kernel against stack attacks
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#756898: marked as done (linux: please protect the kernel against stack attacks)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#756885: nfsidmap: request-key command line wrong arg count
Next by Date: Bug#756900: nfs-utils: new upstream versions available
Previous by thread: Bug#756885: Wrong arg count harmless
Next by thread: Bug#756898: linux: please protect the kernel against stack attacks
Index(es):
- Date
- Thread