Load site modules...
lade...
random avatar

grsecurity - Network

Posts Subscribe

It's now available!

https://infosec.exchange/@grsecu...

It's now available!

24.2.2025 19:44It's now available!
https://infosec.exchange/@grsecu...

We expect our 6.13 #grsecurity beta to be available within the next two weeks.

https://infosec.exchange/@grsecu...

We expect our 6.13 beta to be available within the next two weeks.

19.2.2025 20:45We expect our 6.13 #grsecurity beta to be available within the next two weeks.
https://infosec.exchange/@grsecu...

https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w

https://infosec.exchange/@grsecu...

github.com/google/security-res

3.2.2025 18:46https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w
https://infosec.exchange/@grsecu...

Our 6.12 #grsecurity beta is now available to beta testers for testing

https://infosec.exchange/@grsecu...

Our 6.12 beta is now available to beta testers for testing

16.1.2025 21:13Our 6.12 #grsecurity beta is now available to beta testers for testing
https://infosec.exchange/@grsecu...

Slides for @wipawel's H2HC presentation this month on the TLB are now available on https://grsecurity.net/papers If you've never...

https://infosec.exchange/@grsecu...

Slides for @wipawel's H2HC presentation this month on the TLB are now available on grsecurity.net/papers
If you've never heard of "paging-structure caches" before, check it out!

23.12.2024 16:20Slides for @wipawel's H2HC presentation this month on the TLB are now available on https://grsecurity.net/papers If you've never...
https://infosec.exchange/@grsecu...

We need to post a correction to yesterday's eBPF performance numbers:@minipli wasn't happy with just a 30x speedup and took a look...

https://infosec.exchange/@grsecu...

We need to post a correction to yesterday's eBPF performance numbers:

@minipli wasn't happy with just a 30x speedup and took a look at one final bottleneck that was bothering him.

The speedup over vanilla is now 747x 🤯 (5.27s vs 1h5m40s)

5.11.2024 19:06We need to post a correction to yesterday's eBPF performance numbers:@minipli wasn't happy with just a 30x speedup and took a look...
https://infosec.exchange/@grsecu...

If you're curious, we also fixed the failing vanilla testcases, without which the speedup would have appeared even larger than 30x....

https://infosec.exchange/@grsecu...

If you're curious, we also fixed the failing vanilla testcases, without which the speedup would have appeared even larger than 30x. Every grsecurity option really means every single one, including RAP, PRIVATE_KSTACKS, KERNEXEC, UDEREF, AUTOSLAB, KERNSEAL, etc.

4.11.2024 20:54If you're curious, we also fixed the failing vanilla testcases, without which the speedup would have appeared even larger than 30x....
https://infosec.exchange/@grsecu...

Performance isn't the enemy of security: we care about both. Today's patches finish off a set of security/performance improvements...

https://infosec.exchange/@grsecu...

Performance isn't the enemy of security: we care about both. Today's patches finish off a set of security/performance improvements to eBPF. Below we show a ~30x speedup vs vanilla in running the eBPF selftests with every single option enabled!

4.11.2024 20:48Performance isn't the enemy of security: we care about both. Today's patches finish off a set of security/performance improvements...
https://infosec.exchange/@grsecu...

In combination with the research published yesterday by ETHZ into IBPB implementation vulnerabilities on some Intel and AMD CPUs...

https://infosec.exchange/@grsecu...

In combination with the research published yesterday by ETHZ into IBPB implementation vulnerabilities on some Intel and AMD CPUs (comsec.ethz.ch/research/microa), Johannes Wikner has published a detailed walkthrough of the first cross-process Spectre exploit against a real target, an attack he developed in part during his internship with us last year.

Check it out here: grsecurity.net/cross_process_s

19.10.2024 10:06In combination with the research published yesterday by ETHZ into IBPB implementation vulnerabilities on some Intel and AMD CPUs...
https://infosec.exchange/@grsecu...

A new version of paxctld (1.2.6) is now available for download!

https://infosec.exchange/@grsecu...

A new version of paxctld (1.2.6) is now available for download!

25.9.2024 17:34A new version of paxctld (1.2.6) is now available for download!
https://infosec.exchange/@grsecu...

In light of the OpenSSH RCE advisory published today by Qualys:...

https://infosec.exchange/@grsecu...

In light of the OpenSSH RCE advisory published today by Qualys: blog.qualys.com/vulnerabilitie, where it references our March blog while discussing ASLR weaknesses being key to feasible modern i386 exploitation, here it is again in case you missed it: infosec.exchange/@grsecurity/1

1.7.2024 17:19In light of the OpenSSH RCE advisory published today by Qualys:...
https://infosec.exchange/@grsecu...

In this blog, we dive deep into how the automation employed by the recently-formed Linux CNA managed to take a detailed, unrestricted...

https://infosec.exchange/@grsecu...

In this blog, we dive deep into how the automation employed by the recently-formed Linux CNA managed to take a detailed, unrestricted vulnerability report for their 5.10 LTS kernel, and produce an error-filled CVE unhelpful for downstream consumers: grsecurity.net/cve-2021-4440_l

26.6.2024 14:38In this blog, we dive deep into how the automation employed by the recently-formed Linux CNA managed to take a detailed, unrestricted...
https://infosec.exchange/@grsecu...

A weakness 23 years in the making: binaries and libraries built with an older toolchain act as timebombs against ASLR under...

https://infosec.exchange/@grsecu...

A weakness 23 years in the making: binaries and libraries built with an older toolchain act as timebombs against ASLR under "recent" Linux kernel and glibc changes.

Users: Check your exposure!
Developers: Rebuild binaries to achieve full ASLR benefit!

grsecurity.net/toolchain_necro

4.3.2024 15:30A weakness 23 years in the making: binaries and libraries built with an older toolchain act as timebombs against ASLR under...
https://infosec.exchange/@grsecu...
Subscribe
To add news/posts to your profile here, you must add a link to a RSS-Feed to your webfinger. One example how you can do this is to join Fediverse City.
         
Webfan Website Badge
Nutzungsbedingungen   Datenschutzerklärung  Impressum
Webfan | @Web pages | Fediverse Members

⬆️

⬇️