Overview
Explore the security implications of the NTFS3 driver in the Linux kernel through this 39-minute Black Hat conference talk. Dive into the process of fuzzing the native NTFS read-write driver, introduced in Linux kernel 5.15. Learn about the challenges of using traditional system call fuzzers like syzkaller and Trinity, and discover how the speakers leveraged and improved the context-aware file system fuzzer, Janus, to more efficiently identify vulnerabilities in NTFS3. Gain insights from security researchers Edward Lo and Chiachih Wu as they discuss their approach to testing this new and complex subsystem, which has become an attractive target for hackers and security professionals alike.
Syllabus
Fuzzing the Native NTFS Read-Write Driver (NTFS3) in the Linux Kernel
Taught by
Black Hat