Overview
Explore advanced techniques for discovering and exploiting security vulnerabilities within the Extended Berkeley Packet Filter (eBPF) subsystem of the Linux kernel in this 36-minute conference talk. Learn how eBPF's complex verification and JIT compilation mechanisms create significant attack surfaces despite revolutionizing kernel programmability. Master state-aware fuzzing methodologies specifically designed for eBPF that go beyond traditional approaches by incorporating knowledge of the verifier's internal state machine to target verifier state tracking bugs, JIT compiler flaws, and helper function validation bypasses. Discover systematic approaches for weaponizing verifier bypasses into practical kernel exploits, including converting bounds calculation errors into arbitrary read/write primitives, bypassing KASLR through targeted information leaks, and achieving privilege escalation via carefully constructed memory corruption techniques. Gain insights into eBPF's security architecture and receive concrete recommendations for hardening the subsystem against these attacks, including improvements to verifier state tracking, JIT compiler security, and runtime validation mechanisms.
Syllabus
DEF CON 33 - Finding and Exploiting Kernel Vulnerabilities in the eBPF Subsystem - Agostino Panico
Taught by
DEFCONConference