On 6/29/26 18:22, Xiang Mei wrote:
>> Please don't even try to send a v3 without addressing this.
> This is a demo exploiting CVE-2026-31419 with this technique:
> https://github.com/google/security-research/pull/397

Thanks for sharing that. That's really good info.

But what I want to hear a bit more about is why this new guard region is
a good, generic mitigation. Does it help mitigate a whole class of
vulnerabilities?

I think you're making the claim that this ENTER technique takes what
would normally just be a DoS and makes it fully exploitable. Does this
happen for a lot of DoS bugs? Or is CVE-2026-31419 very unusual and this
stack guard gunk won't ever be useful again?
