Red Hat's @kurtseifried thinks that 200 hours of brute force is a defense failure. smells like sour grapes for having ignored the problem.

Jun 19, 2017 · 3:38 PM UTC

it's in the advisory: "it has a good chance of gaining eip control after 2^17 * 5.5 seconds = 200 hours"
you gave it a CVE, not Qualys. since you failed to discuss it with us, now's the time (to rescind it).
this is just ridiculous, you can't even explain what exactly is wrong (and thus how to correct it). no kernel enforced gap size is safe.
you're responsible for your actions, not Qualys (their advisory makes it quite clear what they did and did not do).
e.g., grsec's brute force prevention had to be disabled to be able to trigger the bug at all. PaX doesn't have such by design.
was your tweet professional too? anyway, we'll now have to do your professional job apparently.