

OpenSSL is a shared library, so it executes in the same user-mode address space as the process using it. The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. For any technical person that would imply the complete RAM of the virtual/physical comment covers the main point.

As you said, even the official advisory phrases it in a misleading way (although I would say they did so because it's intended for a much wider audience than just us technical folks and they wanted to keep it simple). For reference, here is how states it (emphasis mine): I can understand getting 64kb of random data from the process which is running the OpenSSL program itself but I don't see how it can even see the complete RAM of the server to be able to send it back to the comment, yes it was precisely the false information that led me to wonder about this. I would expect a segmentation fault if a process tried to access any memory that it didn't explicitly allocate.

Isn't the operating system supposed to prevent access to the real RAM and only allow access to virtual memory where one process cannot access the memory contents of other processes? Does OpenSSL run in kernel mode and thus have access to all the RAM? However what I don't understand is the part where we pass 64k as the length and the server returns 64kb of random data because it does not check whether we really passed 64kb of echo message or 1 byte. But how is it even possible for a process on a server to return 64kb of random data from the RAM? I have read about the Heartbleed OpenSSL vulnerability and understand the concept.
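The point discussed above, that the over-read stays inside the address space of the process using the library, can be shown with a small model. This is an added example, not OpenSSL's code and not part of the original posts: `arena`, `SECRET`, `place_record`, `echo`, `reply_leaks` and `honest_reply_len` are hypothetical names, the "secret" is constructed, and the hardened branch applies the RFC 6520 rule that a heartbeat whose claimed payload does not fit in the received record is discarded.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PADDING 16  /* minimum heartbeat padding (RFC 6520) */

/* Constructed stand-in for one process's heap: record first, other data after. */
static uint8_t arena[128];
static const char SECRET[] = "session-key=CONSTRUCTED";

/* Writes a record that claims `claimed` payload bytes but carries `actual`. */
static size_t place_record(uint16_t claimed, size_t actual, size_t pad) {
    size_t len = 3 + actual + pad;
    memset(arena, 0, sizeof arena);
    arena[0] = 1;                                /* heartbeat request */
    arena[1] = (uint8_t)(claimed >> 8);          /* sender-chosen length */
    arena[2] = (uint8_t)(claimed & 0xff);
    memset(arena + 3, 'A', actual);
    memcpy(arena + len, SECRET, sizeof SECRET);  /* neighbouring data */
    return len;
}

/* hardened=0 trusts the claimed length (the bug); hardened=1 requires
 * type + length + payload + padding to fit inside the received record. */
size_t echo(const uint8_t *rec, size_t rec_len, uint8_t *out, int hardened) {
    if (hardened && rec_len < 1 + 2 + PADDING) return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    if (hardened && 1 + 2 + payload + PADDING > rec_len) return 0;
    memcpy(out, rec + 3, payload);   /* reads past rec_len when unchecked */
    return payload;
}

/* 1 if the reply to a 1-byte record claiming 40 bytes contains SECRET. */
int reply_leaks(int hardened) {
    uint8_t out[64] = {0};
    return echo(arena, place_record(40, 1, 0), out, hardened) > 1
        && memcmp(out + 1, SECRET, sizeof SECRET - 1) == 0;
}

/* Reply length for an honest, padded 4-byte heartbeat. */
size_t honest_reply_len(int hardened) {
    uint8_t out[64] = {0};
    return echo(arena, place_record(4, 4, PADDING), out, hardened);
}

int main(void) {
    printf("unchecked leaks=%d checked leaks=%d\n", reply_leaks(0), reply_leaks(1));
    return 0;
}
```

The unchecked copy never leaves memory the process already has mapped, which is why no segmentation fault occurs and why only that process's data is exposed.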
