Fix of reduced stack entropy in the Linux ASLR

Prize: National/international honour

Description

Google rewarded us for the Linux ASLR integer overflow fix which increments the stack entropy of processes by four. This patch improves the security of all Linux processes transparently. The issue is that the stack for processes is not properly randomized on 64 bit architectures due to an integer overflow. The security issue was present in all Linux kernel versions since April 2005, and has been included in Linux 4.0.
Awarded dateAug 2015
OrganisationsGoogle Inc.

Keywords

  • CbyerSecurity
  • ASLR
  • Linux

Fingerprint

entropy
stack