Deep Analysis of Exploitable Linux Kernel Vulnerabilities 2017-2019

Explore a comprehensive analysis of exploitable Linux kernel vulnerabilities from 2017 to 2019 in this 44-minute conference talk by Intel's Tong Lin and Luhai Chen. Delve into basic Linux kernel privilege escalation techniques, understanding their functionality and how adversaries utilize them. Examine selected typical exploitable vulnerabilities through in-depth analysis, showcasing complete exploit chains that include gaining kernel arbitrary read/write access and bypassing existing mitigations. Learn about Linux distribution families, top Common Weakness Enumerations (CWE) in the Linux kernel, and representative kernel vulnerabilities. Gain insights into Linux privilege escalation, common Local Privilege Escalation (LPE) flows, and control execution flows. Discover specific vulnerability types, arbitrary memory write techniques, and the significance of address limits in gaining root privileges. Explore eBPF verifier bypass vulnerabilities, conventional Use-After-Free (UAF) exploit chains, and Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities in the pipe subsystem. Understand how list operations combine with pipe heap spraying in exploits, and review case summaries to reinforce your understanding of Linux kernel security challenges and mitigation techniques.