Back to bug 1372305

Who When What Removed Added
Florian Weimer 2016-09-01 11:35:15 UTC Blocks 1372306
Florian Weimer 2016-09-01 14:21:02 UTC Blocks 1372375
Florian Weimer 2016-11-24 16:52:59 UTC Keywords Patch
Carlos O'Donell 2017-01-19 14:06:59 UTC Assignee codonell glibc-bugzilla
Carlos O'Donell 2017-07-20 07:01:53 UTC CC codonell
Summary glibc: fopencookie hardening [rhel-7.4] glibc: fopencookie hardening
Matt Newsome 2017-07-21 19:52:23 UTC Blocks 1473718
Sergey Kolosov 2017-10-18 10:22:10 UTC CC skolosov
Florian Weimer 2017-10-18 13:16:25 UTC Status NEW ASSIGNED
Assignee glibc-bugzilla fweimer
Florian Weimer 2017-10-18 14:33:55 UTC Status ASSIGNED POST
Florian Weimer 2017-10-18 19:06:59 UTC Status POST MODIFIED
Fixed In Version glibc-2.17-211.el7
errata-xmlrpc 2017-10-22 17:24:22 UTC Status MODIFIED ON_QA
Florian Weimer 2018-01-30 17:12:17 UTC Doc Text Feature: The fopencookie function stores the callback function pointers in a mangled form.

Reason: These function pointers are a potential target for exploit writers because they reside on the heap, and execution could be redirect through them.

Result: Now that they are mangled, it is more difficult to abuse them as part of exploits because an attacker would have to guess both the location of the pointers and the pointer guard value used for mangling.
Doc Type If docs needed, set a value Enhancement
Sergey Kolosov 2018-02-26 13:51:56 UTC Status ON_QA VERIFIED
QA Contact qe-baseos-tools skolosov
errata-xmlrpc 2018-04-10 01:32:36 UTC Status VERIFIED RELEASE_PENDING
errata-xmlrpc 2018-04-10 13:56:38 UTC Status RELEASE_PENDING CLOSED
Resolution --- ERRATA
Last Closed 2018-04-10 09:56:38 UTC
errata-xmlrpc 2018-04-10 13:57:56 UTC Link ID Red Hat Product Errata RHSA-2018:0805

Back to bug 1372305