Exposed unhashed kernel memory addresses with slub_debug kernel parameter

Question

Exposed unhashed kernel memory addresses with slub_debug kernel parameter

nbouchinet-anssi opened this issue 2 years ago · 0 comments

Usualy hashed kernel memory addresses are exposed unhashed when the slub_debug kernel parameter or the CONFIG_SLUB_DEBUG_ON option are enabled since v5.14.
This is an issue for those who use the slub_debug command line option as a slub sanitizing security feature as recommended by CLIP OS or KSPP.

We should have a way to disable exposure of dumped memory chunks and unhashed kernel adresses when using slub_debug as a security option.