On Mon, Jan 20, 2014 at 02:42:34PM +0100, Hannes Frederic Sowa wrote:
> What would be interesting, especially for the linux kernel, is to restrict
> jmp and callq addresses so it is impossible for an attacker to get control
> over them and e.g. dispatch own code on network packet dismantling without
> needing whole pointer checking infrastructure e.g.

Just remembered there was some research on this already:
<http://zero-entropy.de/fpp.pdf>
Greetings,
Hannes
