Re: Kernel: Fix for CVE-2017-1000364 (mm: enlarge stack guard gap) breaks java application
Hi Stephan,
On Mon, Jun 26, 2017 at 02:32:59PM +0200, Stephan Seitz wrote:
> Hi!
>
> The kernel fix for CVE-2017-1000364 (mm: enlarge stack guard gap) breaks
> java application (or at least some), see https://stackoverflow.com/questions/44719488/segmentation-fault-when-starting-jvm-using-jpype
>
> You can change the stack guard gap via kernel parameter:
>
> stack_guard_gap= [MM]
> override the default stack gap protection. The value is in page units and it
> defines how many pages prior to (for stacks growing down) resp. after (for
> stacks growing up) the main stack are reserved for no other mapping. Default
> value is 256 pages.
>
> What is the value to get the previous behaviour?
We issued a regression update:
https://lists.debian.org/debian-security-announce/2017/msg00160.html
To answer your question still, if you set the kernel parameter to
stack_guard_gap=1 this wuould effectively revert the fix for
CVE-2017-1000364.
Hope this helps?
Regards,
Salvatore
Reply to: