[Bug 1685710] [NEW] [Feature] CNL:Enable ROP Heuristics

quanxian quanxian.wang at intel.com
Mon Apr 24 06:12:22 UTC 2017


Public bug reported:

In modern programming language the caller return address is pushed into the stack. When callee function exits the return address is 'popped' out of the stack and caller continue executing. This potentially creates security issues since the return address could be modified by malicious code.
When enabled, the CET/ROP Heuristics automatically saves the return address in processor-internal memory. When a function exits by executing the "ret" instruction, the processor automatically compares the address stored in its internal memory against the address popped from the stack. If there is a mismatch, the processor generates GP fault, signalling/stopping the program and potentially alerting the sysadmin.


Target Kernel: 4.13
Target Release: 17.10

** Affects: firefox (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1685710

Title:
  [Feature] CNL:Enable ROP Heuristics

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1685710/+subscriptions



More information about the Ubuntu-mozillateam-bugs mailing list