Public bug reported: In modern programming language the caller return address is pushed into the stack. When callee function exits the return address is 'popped' out of the stack and caller continue executing. This potentially creates security issues since the return address could be modified by malicious code. When enabled, the CET/ROP Heuristics automatically saves the return address in processor-internal memory. When a function exits by executing the "ret" instruction, the processor automatically compares the address stored in its internal memory against the address popped from the stack. If there is a mismatch, the processor generates GP fault, signalling/stopping the program and potentially alerting the sysadmin.
Target Kernel: 4.13 Target Release: 17.10 ** Affects: firefox (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1685710 Title: [Feature] CNL:Enable ROP Heuristics To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1685710/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs