From: Matt Dawson <matt@chronos.org.uk>
To: freebsd-security@freebsd.org
Date: Tue, 15 Sep 2009 19:08:09 +0100
In-Reply-To: <863a6our7c.fsf@ds4.des.no>
Cc: des@des.no
Subject: Re: Protecting against kernel NULL-pointer derefs

On Tuesday 15 Sep 2009 17:07:35 Dag-Erling Smørgrav wrote:
> Pieter strongly implied that there had been numerous such cases, when
> in fact there hasn't.

Yes, DES, it could be read that way and I apologise. Without trying to wiggle out of that apology, it just seemed a bit harsh when I doubt what was written was meant as "the code is riddled with these things! RIDDLED!" given the fact that Pieter proposed a possible mitigation instead of the expected "El Reg says it's broken! EL REG! Fix it now, goddammit!" ;o)

@All:

Having put both feet in my mouth and had to publicly apologise, we now have a little more information from Przemyslaw on what is potentially broken and what isn't (7.2, the current production release). That "probably more to come," while still vague and very much unverified, makes me wonder if Pieter's interim mitigation or something very much like it isn't needed Right Now [TM] as he says. So, is there any technically sound reason why raising VM_MIN_ADDRESS to 65536 would not be a good trade-off (or even just a good idea) in security terms until we're sure there are no more of these lurking? A few of us paranoid security types might want to do so manually in the interim if there are no objections.

-- 
Matt Dawson
MTD15-RIPE
matt@chronos.org.uk
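The mitigation discussed in this message works by making the lowest pages of every process unmappable, so that a kernel NULL-pointer dereference faults instead of reading or executing user-controlled memory. The program below is an added example, not code from the thread or from FreeBSD: it is an audit check an administrator can run to confirm the effect is in place on a given machine. It probes, one page at a time, whether an unprivileged process can place a mapping below the 65536 threshold proposed above (the `PROPOSED_MIN_ADDR` constant and the function names are this example's own). The probes are backed by `/dev/zero` so only POSIX `mmap` flags are needed, and every mapping that does succeed is torn down immediately.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* The VM_MIN_ADDRESS value proposed in the thread (assumed here as the
 * boundary the audit checks against). */
#define PROPOSED_MIN_ADDR 65536UL

/* Try to place exactly one page at `addr`. Returns 1 if the kernel granted
 * the mapping (it is released again at once), 0 if it was refused; on
 * refusal the errno value is stored in *err when err is non-NULL. */
int probe_mapping_at(uintptr_t addr, int *err) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    int fd = open("/dev/zero", O_RDONLY);
    if (fd < 0) {
        if (err) *err = errno;
        return 0;
    }
    void *p = mmap((void *)addr, page, PROT_READ, MAP_PRIVATE | MAP_FIXED, fd, 0);
    int saved = errno;            /* close() may overwrite errno */
    close(fd);
    if (p == MAP_FAILED) {
        if (err) *err = saved;
        return 0;
    }
    munmap(p, page);
    return 1;
}

/* Count the pages in [0, limit) that this process is allowed to map.
 * 0 is the hardened result: the low region is off limits. Anything else
 * is the number of pages a kernel NULL-pointer dereference could be
 * made to land in. */
size_t mappable_pages_below(uintptr_t limit) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t count = 0;
    for (uintptr_t a = 0; a < limit; a += page)
        if (probe_mapping_at(a, NULL))
            count++;
    return count;
}

/* Control probe: obtain a page-aligned address the kernel is known to
 * accept (map one page wherever the kernel likes, release it, return the
 * address) so the caller can confirm probe_mapping_at() reports success
 * when a mapping really is permitted. Returns 0 on failure. */
uintptr_t sample_high_address(void) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    int fd = open("/dev/zero", O_RDONLY);
    if (fd < 0) return 0;
    void *p = mmap(NULL, page, PROT_READ, MAP_PRIVATE, fd, 0);
    close(fd);
    if (p == MAP_FAILED) return 0;
    munmap(p, page);
    return (uintptr_t)p;
}

int main(void) {
    int err = 0;
    if (probe_mapping_at(0, &err))
        puts("page zero is mappable: a kernel NULL deref would land in user-controlled memory");
    else
        printf("page zero refused (%s): low-address mitigation is in effect\n", strerror(err));
    printf("%zu mappable page(s) below 0x%lx\n",
           mappable_pages_below(PROPOSED_MIN_ADDR), PROPOSED_MIN_ADDR);
    return 0;
}
```

On a system with the raised minimum address the first line reports a refusal (EINVAL on FreeBSD, EPERM on Linux with `vm.mmap_min_addr` set) and the count is 0; a non-zero count means the interim mitigation is not in effect for that process and the check is worth rerunning as root, since some kernels exempt privileged processes from the limit.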