On Fri, 16 Feb 2024 22:25:44 -0800, Kees Cook wrote:
> Currently the brk starts its randomization immediately after .bss,
> which means there is a chance that when the random offset is 0, linear
> overflows from .bss can reach into the brk area. Leave at least a single
> page gap between .bss and brk (when it has not already been explicitly
> relocated into the mmap range).
> 
> 
> [...]

Patch 1/2 was already applied via x86 tip, so I'll grab this one for the 
execve/binfmt tree.

Applied to for-next/execve.

[2/2] binfmt_elf: Leave a gap between .bss and brk
      https://git.kernel.org/kees/c/2a5eb9995528

Take care,

-- 
Kees Cook
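
The layout the quoted commit message describes can be observed from user space. The following C program is an added example, not part of this message or of the kernel patch: it measures the distance from the end of .bss to the program break at startup. The helper names are hypothetical; `end` (linker symbol) and `sbrk()` are assumed to be available, as they are on Linux with glibc.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE                 /* makes unistd.h declare sbrk() */
#endif
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

extern char end[];   /* provided by the linker: first address past .bss */

enum brk_gap { BRK_ELSEWHERE, BRK_UNDER_ONE_PAGE, BRK_AT_LEAST_ONE_PAGE };

/* Classify the distance from the end of .bss up to the program break.
 * A linear overflow out of .bss runs upward, so a break below .bss
 * (for example one relocated elsewhere) is reported separately. */
enum brk_gap classify_brk_gap(uintptr_t bss_end, uintptr_t brk, uintptr_t page)
{
    if (brk < bss_end)
        return BRK_ELSEWHERE;
    return (brk - bss_end < page) ? BRK_UNDER_ONE_PAGE : BRK_AT_LEAST_ONE_PAGE;
}

/* Signed distance in bytes from the end of .bss to the current break.
 * sbrk(0) equals the initial break only while nothing has grown the
 * heap, so call this before anything that may allocate. */
intptr_t measure_brk_gap(void)
{
    return (intptr_t)((uintptr_t)sbrk(0) - (uintptr_t)end);
}

int main(void)
{
    static const char *names[] = {
        "brk is not above .bss",
        "less than one page between .bss and brk",
        "at least one page between .bss and brk",
    };
    intptr_t gap = measure_brk_gap();   /* measured before printf() runs */
    uintptr_t page = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t bss_end = (uintptr_t)end;
    enum brk_gap kind = classify_brk_gap(bss_end, bss_end + (uintptr_t)gap, page);

    printf(".bss ends at %p, gap to brk %ld bytes, page size %lu: %s\n",
           (void *)end, (long)gap, (unsigned long)page, names[kind]);
    return kind == BRK_UNDER_ONE_PAGE;  /* non-zero exit flags the exposed case */
}
```

Because the break is randomized, a large gap on one run only shows that the random offset was non-zero; the case the commit message is concerned with is an offset of 0, so the minimum over many runs is the number to look at.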

