The Lord of the Ring0

Abstract

Exploiting vulnerabilities in the Linux kernel allows unprivileged users to gain root access and compromise an entire operating system. Kernel maintainers have developed and integrated a plethora of mitigations to make exploitation harder. Examples include KASLR, KPTI, SMEP, SMAP, FG-KASLR, and structure layout randomization. However, despite the presence of state-of-the-art mitigations, it is still possible to leverage powerful vulnerabilities, or chain multiple ones, to compromise the security of a system. In this talk, we focus on how to exploit vulnerabilities in the Linux kernel and bypass the existing mitigations to escalate privileges from an untrusted user to root.

Date
Dec 10, 2021 12:00 PM — 1:00 PM
Location
TU Graz Online Talk
Pietro Borrello
Microarchitecture Security Researcher

Microarchitecture Security Researcher at Apple SEAR.