The Lord of the Ring0

Name: The Lord of the Ring0
Start: 2021-12-10T12:00:00Z
End: 2021-12-10T13:00:00Z
Location: TU Graz Online Talk

Abstract

The exploitation of vulnerabilities in the Linux Kernel allows unprivileged users to gain root access and compromise an entire operating system. Kernel maintainers have developed and integrated a plethora of mitigations to make exploitation harder. Examples are KASLR, KPTI, SMEP, SMAP, FG-KASLR, or structure layout randomization. However, despite the presence of state-of-the-art mitigations, it is still possible to leverage powerful vulnerabilities or chain multiple ones to compromise the security of a system. During this talk, we focus on how to exploit vulnerabilities in the Linux Kernel and bypass the existing mitigations to escalate privileges from untrusted users to root.

Date

Dec 10, 2021 12:00 PM — 1:00 PM

Event

Secure Software Development

Location

TU Graz Online Talk

The Lord of the Ring0

Abstract

Pietro Borrello

Microarchitecture Security Researcher