The Sched app allows you to build your schedule but is not a substitute for your event registration. In addition, you must be registered for Linux Security Summit to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Thursday, September 30 • 2:45pm - 3:30pm
(VIRTUAL) Fuzzing Linux with Xen - Tamas K Lengyel, Intel

Last year we successfully upstreamed a new feature to Xen that allows high-speed fuzzing of virtual machines (VMs) using VM forking. Recently, through collaboration with the Xen community, external monitoring of VMs via Intel Processor Trace has also been upstreamed. Combined with its native Virtual Machine Introspection (VMI) capability, Xen now provides a unique platform for fuzzing and binary analysis. To illustrate the power of the platform, we'll present the details of a real-world fuzzing operation that targeted Linux kernel modules from an attack vector that has previously been hard to reach: memory exposed to devices via Direct Memory Access (DMA) for fast I/O. If the input the kernel reads from DMA-exposed memory is malformed or malicious, what could happen? So far we have discovered: 9 NULL-pointer dereferences; 3 array index out-of-bounds accesses; 2 infinite loops in IRQ context; and 2 instances of tricking the kernel into accessing user memory while thinking it is kernel memory. The bugs have been in Linux for many years and were found in kernel modules used by millions of devices. All bugs are now fixed upstream. In this talk we'll show how we found these bugs.

Speakers

Tamas K Lengyel

Sr Security Researcher, Intel
Tamas works at Intel as a Senior Security Researcher. He has previously presented at leading security conferences such as BlackHat, DEFCON and Linux Security Summit. He is a maintainer of several open-source projects, including the Xen hypervisor, DRAKVUF and KF/x.


Thursday September 30, 2021 2:45pm - 3:30pm PDT
Room 402 - Chiliwack