[$] A hole in FineIBT protection
Date:
Thu, 27 Feb 2025 15:44:23 +0000
Description:
Intel's indirect
branch tracking (IBT) is a hardware-implemented control-flow-integrity mechanism that makes it harder for an attacker to gain control of the
system by way of a corrupted indirect branch. FineIBT is a software
extension to IBT that is meant to improve its protection. Recently,
though, Jennifer Miller reported a novel way to bypass
FineIBT by taking advantage of how the kernel's system-call entry point is constructed. In response, Peter Zijlstra is working on some FineIBT enhancements to close that hole and make IBT more secure in general.
======================================================================
Link to news story:
https://lwn.net/Articles/1011680/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)