Difference between revisions of "Linux Security Summit 2012/Abstracts/Cook"

Latest revision as of 16:48, 31 August 2012

Title

Finding kernel vulnerabilities using Coccinelle

Presenter

Kees Cook, Google

Abstract

The "spatch" tool gets a lot of use in the kernel already for making wide changes, or for finding bugs and anti-patterns. Finding security flaws is, of course, also possible. This presentation will show how several Coccinelle rules were developed and used in finding various kernel vulnerabilities both large (CVE-2010-2962, CVE-2010-2963) and small (CVE-2010-4655, CVE-2010-4656). Finally, we will open a discussion on how to continue to expand the corpus and keep it running against new kernel releases.

Slides

Finding Kernel Vulnerabilities Using Coccinelle

Revision as of 00:29, 31 August 2012 (view source) KeesCook (talk \| contribs) (→‎Abstract) ← Older edit		Latest revision as of 16:48, 31 August 2012 (view source) KeesCook (talk \| contribs) m (→‎Slides)
(2 intermediate revisions by the same user not shown)
Line 19:		Line 19:

	== Slides ==		== Slides ==
	[http://outflux.net/coccinelle/]		[http://outflux.net/slides/2012/lss/coccinelle/ Finding Kernel Vulnerabilities Using Coccinelle]

Difference between revisions of "Linux Security Summit 2012/Abstracts/Cook"

Latest revision as of 16:48, 31 August 2012

Contents

Title

Presenter

Abstract

Slides

Navigation menu

Search