Explore kernel patching techniques for securing and maintaining Linux-based IoT devices in this 46-minute conference talk from ShmooCon 2019. Learn about the challenges of securing inexpensive IoT devices running outdated Linux kernels on corporate networks and the limitations of existing live patching solutions. Discover a novel tool suite developed by the speakers for inspecting, compiling, and applying patches to vendor OEM Linux kernels without requiring complete source code or specific build chains. Gain insights into hooking functions, replacing functions, altering parameters, and modifying return values to patch vulnerabilities, instrument performance, and aid in reverse engineering efforts. Presented by security researchers Jewell Seay and Parker Wiksell from Battelle Memorial Institute, this talk offers practical solutions for network administrators and security professionals dealing with the proliferation of insecure IoT devices.
Overview
Syllabus
Patchwerk: Kernel Patching for Fun and Profit - Parker Wiksell & Jewell Seay
Taught by
0xdade
Related Courses
-
Mind The Gap - The Linux Ecosystem Kernel Patch Gap
-
Kernel Live Patching at Scale
-
Adaptive Kernel Live Patching - An Open Collaborative Effort
-
Kernel Live Patching for Clang LTO Kernel
-
Ground Truth - 18 Vendors, 6000 Firmware Images, 2.7 Million Binaries, and a Flaw in the Linux-MIPS Stack
-
Reversing SR IOV For Fun and Profit
