clock-applet executable stack (security best-practice failure)
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| GNOME Panel |
Unknown
|
Wishlist
|
|||
| gnome-panel (Ubuntu) |
Invalid
|
Wishlist
|
Ubuntu Desktop Bugs | ||
Bug Description
lsmemmap.sh shows clock-applet has an executable stack on x86-64. This is a security best-practice failure: shellcode injection into the stack is possible now that it is executable. Note that in the case of clock-applet there is theoretically no way to elevate privileges and thus this is very minor.
task 5169 (/usr/lib/
7fffffa56000-
Please note that this is not a security vulnerability; it is a failure to execute security best practices. By correcting this, certain real vulnerabilities will become difficult or impossible to exploit beyond basic denial of service.
The most likely cause of this is the use of gcc nested functions in clock-applet.
See also bug #34129 which has the script I used as an attachment.
| John Moser (nigelenki) wrote | #1 |
| Sebastien Bacher (seb128) wrote | #2 |
| Changed in gnome-applets: | |
| assignee: | nobody → desktop-bugs |
| Vincent Untz (vuntz) wrote | #3 |
| John Moser (nigelenki) wrote | #4 |
| Changed in gnome-panel: | |
| status: | Unconfirmed → Confirmed |
| Sebastien Bacher (seb128) wrote | #5 |
| John Moser (nigelenki) wrote | #6 |
| Sebastien Bacher (seb128) wrote | #7 |
| Changed in gnome-panel: | |
| status: | Confirmed → Rejected |
| Changed in gnome-panel: | |
| status: | Needs Info → Rejected |
| Changed in gnome-panel: | |
| importance: | Unknown → Wishlist |
| status: | Invalid → Unknown |
Marking minor low priority, as this is basically not exploitable in theory. It would be nice to see this corrected but not practically important.