Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Meaningful Bounds Checking in the Linux Kernel

linux.conf.au via YouTube

Overview

Explore the critical issue of buffer overflow vulnerabilities in the Linux Kernel through this 46-minute conference talk from linux.conf.au 2022. Delve into the challenges of heap buffer overflows and learn why compiler-based detection has been difficult despite having sufficient context. Examine real-world examples from the past three years of heap buffer overflow CVEs, including the BleedingTooth exploit. Discover the ongoing efforts to develop solutions for array index overflows, string manipulation overflows, and memcpy overflows in the Linux kernel. Gain insights into C language limitations, kernel coding conventions, and compiler bugs that have hindered progress. Follow the evolution of C flexible arrays, understand the shortcomings of compiler options like "-Warray-bounds" and "-fsanitize=bounds", and learn about the limitations of "__builtin_object_size". Finally, explore how memcpy is being replaced to prevent future overflow vulnerabilities, enhancing the security of the Linux Kernel.

Syllabus

"Meaningful Bounds Checking in the Linux Kernel" - Kees Cook (LCA 2022 Online)

Taught by

linux.conf.au

Reviews

Start your review of Meaningful Bounds Checking in the Linux Kernel

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.