Breaking Kernel Address Space Layout Randomization - KASLR - With Intel TSX

Breaking Kernel Address Space Layout Randomization - KASLR - With Intel TSX

Black Hat via YouTube Direct link

Example: town. OS X 10.10.5 Kernel Privilege Escalation Vulnerability

3 of 25

3 of 25

Example: town. OS X 10.10.5 Kernel Privilege Escalation Vulnerability

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Breaking Kernel Address Space Layout Randomization - KASLR - With Intel TSX

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Example: Linux
  3. 3 Example: town. OS X 10.10.5 Kernel Privilege Escalation Vulnerability
  4. 4 Kernel Address Space Layout Randomization (KASLR)
  5. 5 TLB Timing Side Channel
  6. 6 TSX Gives Better Precision on Timing Attack
  7. 7 Transactional Synchronization Extension
  8. 8 Abort Handler Suppresses Exceptions
  9. 9 Reducing Noise with Intel TSX
  10. 10 Measuring Timing Side Channel
  11. 11 Demo 2: Full Attack on Linux
  12. 12 Attack on Windows
  13. 13 Attack on OS X
  14. 14 Attack on Amazon EC2
  15. 15 Result Summary
  16. 16 Timing Side Channel (M/U)
  17. 17 Path for a mapped Page
  18. 18 Intel Cache Architecture
  19. 19 Path for an Executable Page
  20. 20 Path for a non-executable, but mapped Page
  21. 21 Cache Coherence and TLB
  22. 22 Discussions: Controlling Noise
  23. 23 Discussions: Countermeasures?
  24. 24 Conclusion
  25. 25 Any Question?

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.