Stuck in Tutorial Hell? Learn Backend Dev the Right Way
Build GenAI Apps from Scratch — UCSB PaCE Certificate Program
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore the resurgence of stack overflow vulnerabilities in the Linux kernel in this technical conference talk. Delve into an analysis of recent Linux CVEs involving kernel stack issues, understanding why exploitation is challenging without weakening certain security controls. Learn about the characteristics of an ideal vulnerability that could bypass current protections. Examine Nftables bugs involving NFT registers as a case study, discovering how they can be leveraged for KASLR leaks and controlled structure address acquisition. Investigate techniques to overcome SMEP/SMAP protections and expand payload space within limited register capacity. Gain insights into the softirq exit routine necessary to avoid stack guard checks and kernel panics. Conclude with a discussion on potential mitigation strategies, including the pros and cons of enabling CONFIG_STATIC_USERMODEHELPER, implementing pointer authentication, and the speaker's custom solution for per-softirq kernel stack randomization.
Syllabus
#HITB2023AMS #COMMSEC D2 - The Return Of Stack Overflows In The Linux Kernel - Davide Ornaghi
Taught by
Hack In The Box Security Conference