Explore the security implications of the NTFS3 driver in the Linux kernel through this 39-minute Black Hat conference talk. Dive into the process of fuzzing the native NTFS read-write driver, introduced in Linux kernel 5.15. Learn about the challenges of using traditional system call fuzzers like syzkaller and Trinity, and discover how the speakers leveraged and improved the context-aware file system fuzzer, Janus, to more efficiently identify vulnerabilities in NTFS3. Gain insights from security researchers Edward Lo and Chiachih Wu as they discuss their approach to testing this new and complex subsystem, which has become an attractive target for hackers and security professionals alike.
Fuzzing the Native NTFS Read-Write Driver - NTFS3 - in the Linux Kernel
Overview
Syllabus
Fuzzing the Native NTFS Read-Write Driver (NTFS3) in the Linux Kernel
Taught by
Black Hat
Related Courses
-
Fuzzing the Linux Kernel - Mentorship Session
-
Fuzzing File Systems via Two-Dimensional Input Space Exploration
-
Head First Reporting of Linux Kernel CVEs: Practical Use of the Kernel Fuzzer
-
Head First Reporting of Linux Kernel CVEs - Practical Use of the Kernel Fuzzer
-
DIFUZE - Android Kernel Driver Fuzzing
-
Kernel Exploitation with a File System Fuzzer
