RCU's First-Ever CVE, and How I Lived to Tell the Tale

Explore a conference talk that delves into the first-ever Common Vulnerabilities and Exposures (CVE) related to Linux-kernel RCU (Read-Copy-Update) and its subsequent resolution. Learn about the unexpected security implications of usability bugs in low-level kernel components, the challenges of consolidating multiple RCU flavors, and the process of implementing a fix. Gain insights into quiescent states, the RCU tree structure, and techniques for deferring operations while ensuring system integrity. Discover valuable lessons and war stories from the speaker's experience in addressing this critical issue in the Linux kernel.