Difference between revisions of "Linux Security Summit 2012/Abstracts/Cook"
Jump to navigation
Jump to search
JamesMorris (talk | contribs) (New page: == Title == Finding kernel vulnerabilities using Coccinelle == Presenter == Kees Cook, Google == Abstract == The "spatch" tool gets a lot of use in the kernel already for making wide ...) |
|||
| Line 17: | Line 17: | ||
how to continue to expand the corpus and keep it running against new | how to continue to expand the corpus and keep it running against new | ||
kernel releases. | kernel releases. | ||
== Slides == | |||
[http://outflux.net/coccinelle/] | |||
Revision as of 00:29, 31 August 2012
Title
Finding kernel vulnerabilities using Coccinelle
Presenter
Kees Cook, Google
Abstract
The "spatch" tool gets a lot of use in the kernel already for making wide changes, or for finding bugs and anti-patterns. Finding security flaws is, of course, also possible. This presentation will show how several Coccinelle rules were developed and used in finding various kernel vulnerabilities both large (CVE-2010-2962, CVE-2010-2963) and small (CVE-2010-4655, CVE-2010-4656). Finally, we will open a discussion on how to continue to expand the corpus and keep it running against new kernel releases.