Linux Foundation

Meaningful Bounds Checking in the Linux Kernel - Addressing Buffer Overflows

Linux Foundation via YouTube

Overview

Explore the critical topic of buffer overflow vulnerabilities in the Linux kernel through this informative conference talk from LSS NA 2022. Begin with a welcome and opening remarks by James Morris, then delve into Kees Cook's presentation on "Meaningful Bounds Checking in the Linux Kernel." Gain insights into the persistent challenge of heap overflows in C code and their impact on kernel security. Examine real-world examples from the past three years of heap buffer overflow CVEs, including the BleedingTooth exploit. Learn about the limitations of C language standards, APIs, kernel coding conventions, and compiler bugs that contribute to this problem. Discover the innovative solutions being developed in the Linux kernel to address array index overflows, string manipulation overflows, and memcpy overflows. Explore the history of C flexible arrays, the unexpected limitations of compiler options like "-Warray-bounds" and "-fsanitize=bounds," and the constraints of "__builtin_object_size." Understand how the Linux kernel community is working to replace memcpy with more secure alternatives to prevent future buffer overflow vulnerabilities.

Syllabus

Welcome & Opening Remarks - James Morris & Meaningful Bounds Checking in the Linux Kernel - Kees Cook

Taught by

Linux Foundation
