by binkHN 1486 days ago
You’re kidding right? Did you miss the parts about KASLR being broken and syscalls with TODOs for missing validations? And the CVEs created in relation to these?
2 comments

I saw one CVE (CVE-2022-0882) for the innocuous kernel log bug. How many CVEs did you see? As for the KASLR, this was a known issue to the Fuchsia devs.

>This is a known issue. KASLR support on the zircon kernel is just there so that it doesn't bit-rot. We are always picking up a static address instead of a dynamic one.

>Once physboot rollout is complete, that should make it easier to support kaslr.

KASLR is a pretty meh mitigation. But yeah, "todo" around capability checking probably should have been a higher priority fix.