Explore advanced kernel hardening techniques in this 38-minute Black Hat conference talk. Delve into the critical issue of memory safety in operating systems, examining the 175 CVEs assigned to potentially exploitable bugs in Linux in 2021 alone. Learn why current Control-Flow Integrity (CFI) and Use-After-Free (UAF) defense methods fall short in stopping sophisticated adversaries. Discover new approaches to enhance these techniques, including Pointer Authentication Based CFI, Context Based CFI, and optimized access validation. Gain insights from security researchers as they present novel strategies to combat evolving exploitation techniques targeting OS vulnerabilities. Understand complex compiler behaviors, static validators, and how to leverage complete differences in hardening approaches.
Overview
Syllabus
Introduction
Pointer Authentication Based CFI
Context Based CFI
New Context
Complex Compiler Behavior
Static Validator
Use a Complete Difference
Optimize Access Validation Approach
Taught by
Black Hat
