Linux Security Summit 2012/Abstracts/Cook

From Linux Kernel Security Subsystem
(Difference between revisions)
Jump to: navigation, search
(New page: == Title == Finding kernel vulnerabilities using Coccinelle == Presenter == Kees Cook, Google == Abstract == The "spatch" tool gets a lot of use in the kernel already for making wide ...)
 
m (Slides)
 
(3 intermediate revisions by one user not shown)
Line 17: Line 17:
 
how to continue to expand the corpus and keep it running against new
 
how to continue to expand the corpus and keep it running against new
 
kernel releases.
 
kernel releases.
 +
 +
== Slides ==
 +
[http://outflux.net/slides/2012/lss/coccinelle/ Finding Kernel Vulnerabilities Using Coccinelle]

Latest revision as of 16:48, 31 August 2012

Contents

[edit] Title

Finding kernel vulnerabilities using Coccinelle

[edit] Presenter

Kees Cook, Google

[edit] Abstract

The "spatch" tool gets a lot of use in the kernel already for making wide changes, or for finding bugs and anti-patterns. Finding security flaws is, of course, also possible. This presentation will show how several Coccinelle rules were developed and used in finding various kernel vulnerabilities both large (CVE-2010-2962, CVE-2010-2963) and small (CVE-2010-4655, CVE-2010-4656). Finally, we will open a discussion on how to continue to expand the corpus and keep it running against new kernel releases.

[edit] Slides

Finding Kernel Vulnerabilities Using Coccinelle

Personal tools
Namespaces

Variants
Actions
Navigation
Tools