Bug 12375

Summary: CONFIG_LEGACY_VSYSCALL_NONE is enabled on x86_64 only
Product: IPFire Reporter: Peter Müller <peter.mueller>
Component: ---Assignee: Peter Müller <peter.mueller>
Status: ASSIGNED --- QA Contact:
Severity: Security    
Priority: Will affect an average number of users    
Version: 2   
Hardware: unspecified   
OS: All   
Bug Depends on:    
Bug Blocks: 12361    

Description Peter Müller 2020-04-14 15:41:33 UTC 
Quote from https://capsule8.com/blog/kernel-configuration-glossary/:

> Significance: High
> 
> There will be no vsyscall mapping at all. This will eliminate any risk of ASLR
> bypass due to the vsyscall fixed address mapping. Attempts to use the vsyscalls
> will be reported to dmesg so that either old or malicious userspace programs
> can be identified.
Comment 1 Peter Müller 2020-06-09 17:39:00 UTC 
See also: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852620
Comment 2 Peter Müller 2020-06-09 17:44:22 UTC 
https://patchwork.ipfire.org/patch/3177/