Fix of the offset2lib weakness

  • Marco Gisbert, Hector (Recipient) & Ripoll, Ismael (Recipient)

Prize: National/international honour

Description

Google rewarded us for the Offset2lib weakness fix in the Linux kernel. ASLR design had a weakness that allowed attackers to de-randomize (i.e. effectively bypass the ASLR) shared objects (libraries) by pivoting from application code. This is another step to improve the security of Linux systems.
Granting OrganisationsGoogle Inc.

Keywords

  • CybserSecurity
  • ASLR
  • Linux

    Fingerprint