posted 2017-09-13 11:05:17 +0200

If Broadpwn (a recent exploit of Broadcom wi-fi chip firmware), along with a host of other exploits, can get past kernel ASLR I don't think it's going to stop Blueborne either. The only kernel feature I'm aware of that actually stops Blueborne is Kernel Stack Protector, a kernel-level anti buffer overflow feature activated at compile time, and it's not enabled on a lot of distros, or Android, so I wouldn't be surprised if it's not enabled on SailfishOS.

Rather annoyingly the developers of the Blueborne exploit notified Google, Microsoft and Apple of what they had come up with in May, but the Linux kernel developers were briefed only last month so the fix is only now being deployed in more actively maintained distros.

If Broadpwn (a recent exploit of Broadcom wi-fi chip firmware), along with a host of other exploits, can get past kernel ASLR I don't think it's going to stop Blueborne either. The only kernel feature I'm aware of that actually stops Blueborne is Kernel Stack Protector, a kernel-level anti buffer overflow feature activated at compile time. It's not enabled on a lot of distros, or Android for that matter, so I wouldn't be too surprised if it's not enabled on SailfishOS either.

Rather annoyingly the developers of the Blueborne exploit notified Google, Microsoft and Apple of what they had come up with in May, but the Linux kernel developers were briefed only last month so the fix is only now being deployed in more actively maintained distros.

If Broadpwn (a recent exploit of Broadcom wi-fi chip firmware), along with a host of other exploits, can get past kernel ASLR I don't think it's going to stop Blueborne either. The only kernel feature I'm aware of that actually stops Blueborne (a kernel buffer overflow exploit) is Kernel Stack Protector, a kernel-level anti buffer overflow feature activated at compile time. It's not enabled on most distros, or Android for that matter, so I wouldn't be too surprised if it's not enabled on SailfishOS either.

Rather annoyingly the developers of the Blueborne exploit notified Google, Microsoft and Apple of what they had come up with in May, but the Linux kernel developers were briefed only last month so the fix is only now being deployed in more actively maintained distros. This could have been fixed with the recent significant update to BlueZ, but the patch was only just deployed so it's obviously not in the version SailfishOS is using.
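Whether a given kernel was built with the stack protector can be read from its build configuration. The script below is an added example, not part of the original post: the function names are hypothetical, the sample config lines are constructed, and it assumes the running kernel exposes its config at `/proc/config.gz` (needs `CONFIG_IKCONFIG_PROC`) or `/boot/config-$(uname -r)`.

```shell
#!/bin/sh
# Added example (not from the original post): report whether a Linux kernel
# was compiled with the stack protector, based on its build config.
# Option names: CONFIG_CC_STACKPROTECTOR* before Linux 4.18,
#               CONFIG_STACKPROTECTOR*    from Linux 4.18 on.

# Reads kernel config text on stdin, prints: strong | regular | none
stackprotector_level() {
    awk '
        /^CONFIG_(CC_)?STACKPROTECTOR_STRONG=y$/      { strong = 1 }
        /^CONFIG_(CC_)?STACKPROTECTOR(_REGULAR)?=y$/  { regular = 1 }
        END {
            if (strong)       print "strong"
            else if (regular) print "regular"
            else              print "none"   # unset, "is not set", or _NONE=y
        }
    '
}

# Prints the running kernel's config, or fails if it is not exposed.
# Both locations are assumptions about the device being checked.
running_kernel_config() {
    if [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    elif [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    else
        return 1
    fi
}

# Constructed sample: an older kernel config with the option left off.
sample_off='# CONFIG_CC_STACKPROTECTOR is not set
CONFIG_RANDOMIZE_BASE=y'
echo "sample (constructed): $(printf '%s\n' "$sample_off" | stackprotector_level)"

# Live check on the machine this runs on.
if cfg=$(running_kernel_config 2>/dev/null); then
    echo "running kernel $(uname -r): $(printf '%s\n' "$cfg" | stackprotector_level)"
else
    echo "running kernel $(uname -r): config not exposed, check the vendor's defconfig"
fi
```

A result of `none` means overflowed kernel stack buffers are not caught by a canary check, so patching the Bluetooth stack is the only remediation on that build.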