Explore potential methods for introducing a backdoor into a Linux kernel release in this 32-minute conference talk by Konstantin Ryabitsev from The Linux Foundation. Investigate various attack vectors, including patch submission, git pull request manipulation, tarball replacement on kernel.org, and targeted downloads. Learn about existing security measures that prevent such attacks and examine remaining vulnerabilities in the trust chain. Gain insights into the robust security practices employed by the Linux kernel development community and understand the challenges faced by potential attackers.
How to Backdoor the Linux Kernel and Fail - Security Measures in Kernel Development
Overview
Syllabus
How to Backdoor the Linux Kernel (and fail?) - Konstantin Ryabitsev, The Linux Foundation
Taught by
Linux Foundation
Tags
Related Courses
-
Demystifying the Linux Kernel Security Process
-
Demystifying the Linux Kernel Security Process
-
You May Be a Linux Kernel Maintainer - and Not Know It
-
Vulnerable by Design - The Backdoor That Came Through the Front
-
Head First Reporting of Linux Kernel CVEs: Practical Use of the Kernel Fuzzer
-
Linux Kernel Development - Panel Discussion
