Allele Security Alert
ASA-2019-00034
Identifier(s)
ASA-2019-00034
Title
The mincore() system call can be used to observe memory access patterns of other processes
Vendor(s)
The OpenBSD Project
Product(s)
OpenBSD
Affected version(s)
OpenBSD 6.4 before errata 011
OpenBSD 6.3 before errata 028
Fixed version(s)
OpenBSD 6.4 errata 011
OpenBSD 6.3 errata 028
Proof of concept
Unknown
Description
The mincore() system call can be used to observe memory access patterns of other processes.
Technical details
Unknown
Credits
Unknown
Reference(s)
OpenBSD 6.4 Errata
https://www.openbsd.org/errata64.html
OpenBSD 6.3 Errata
https://www.openbsd.org/errata63.html
OpenBSD 6.4 errata 011, January 27, 2019:
https://ftp.openbsd.org/pub/OpenBSD/patches/6.4/common/011_mincore.patch.sig
OpenBSD 6.3 errata 028, February 5, 2019:
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/028_mincore.patch.sig
OpenBSD Errata: January 27th, 2019 (mincore)
https://marc.info/?l=openbsd-announce&m=154853979005673&w=2
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: March 28, 2019