The Sched app allows you to build your schedule but is not a substitute for your event registration. In addition, you must be registered for Linux Security Summit to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC-7. Please select from the drop-down menu to the right to see the schedule in your preferred timezone above "Filter by Date."
Back To Schedule
Thursday, September 30 • 11:50am - 12:35pm
(IN PERSON) Triaging Kernel Out-Of-​Bounds Write Vulnerabilities - Weiteng Chen, University of California, Riverside

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
The monolithic nature of modern OS kernels leads to a constant stream of bugs being discovered. It is often unclear which of these bugs are worth fixing, as only a subset of them may be serious enough to lead to security takeovers (i.e., privilege escalations). Therefore, researchers have recently started to develop automated exploit generation techniques (for UAF bugs) to assist the bug triage process. In this paper, we investigate another top memory vulnerability in Linux kernel—out-of-bounds (OOB) memory write from heap. We design KOOBE to assist the analysis of such vulnerabilities based on two observations: (1) Surprisingly often, different OOB vulnerability instances exhibit a wide range of capabilities. (2) Kernel exploits are multi-interaction in nature which allows the exploit crafting process to be modular. Specifically, we focus on the extraction of capabilities of an OOB vulnerability and the subsequent exploitability evaluation process. In our evaluation, we analyze 17 most recent Linux kernel OOB vulnerabilities, for which KOOBE successfully generated candidate exploit strategies for 11 of them. Further, we are able to construct fully working exploits for all of them.

avatar for Weiteng Chen

Weiteng Chen

University of California, Riverside
Weiteng Chen is a 5th-year PhD student in the computer science department at University of California, Riverside, where he is working with professor Zhiyun Qian. His research focuses on OS security and vulnerability analysis. He is particularly interested in exploitability assessment... Read More →

Thursday September 30, 2021 11:50am - 12:35pm PDT
Room 402 - Chiliwack