Ask / Submit

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-09-12 18:14:21 +0200

SailfishOS and Blueborne bluetooth attack

Is SailfishOS currently affected by the Blueborne attack on bluetooth? Linux is explicitly vulnerable. But it also states that ASLR provides a degree of protection.

ASLR seems to be in place on my J1 on 2.1.1.26:

[nemo@Sailfish ~]$ cat /proc/sys/kernel/randomize_va_space 
2

This is good, it means ASLR enabled: "Full address space randomization. Contains the feature of value 1 in addition brk area is randomized.")

[nemo@Sailfish ~]$ file /usr/sbin/bluetoothd
/usr/sbin/bluetoothd: ELF 32-bit LSB  shared object, ARM, EABI5 version 1…

This is also good: "shared object" instead of "executable", the latter would indicate it has position dependent code, and therefor no ASLR.

Does this indeed indicate sufficient protection for now?

SailfishOS and Blueborne bluetooth attack

Is SailfishOS currently affected by the Blueborne attack on bluetooth? Linux is explicitly vulnerable. But it also states that ASLR provides a degree of protection.

ASLR seems to be in place on my J1 on 2.1.1.26:

[nemo@Sailfish ~]$ cat /proc/sys/kernel/randomize_va_space 
2

This is good, it means ASLR enabled: "Full address space randomization. Contains the feature of value 1 in addition brk area is randomized.")

[nemo@Sailfish ~]$ file /usr/sbin/bluetoothd
/usr/sbin/bluetoothd: ELF 32-bit LSB  shared object, ARM, EABI5 version 1…

This is also good: "shared object" instead of "executable", the latter would indicate it has position dependent code, and therefor no ASLR.

Does this indeed indicate sufficient protection for now?