Kernel Exploitation Via Uninitialized Stack

Presented at DEF CON 19 (2011), Aug. 5, 2011, 5:30 p.m. (20 minutes)

Leveraging uninitialized stack memory into a full-blown root escalation is easier than it sounds. See how to find these vulnerabilities, avoid the pitfalls of priming the stack, and turn your "memory corruption" into full root privileges.

Presenters:

• Kees Cook - Ubuntu Security Engineer, Canonical Ltd
  Kees Cook is part of the Ubuntu Security Team, where he tries to harden Ubuntu in particular, and Linux in general, against attack. In addition to being an Ubuntu developer, he's a member of the Ubuntu Technical Board, a Debian Developer, and a Kernel.org admin. As a long-time DEF CON Capture the Flag participant, he's especially proud of being part of Team 1@stPlace and winning in 2006 and 2007. Twitter: @kees_cook

Links:

• https://defcon.org/html/defcon-19/dc-19-speakers.html#Cook
• https://infocon.org/cons/DEF CON/DEF CON 19/DEF CON 19 video and slides/DEF CON 19 - Kees Cook - Kernel Exploitation Via Uninitialized Stack - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=YL-_5gk6r1Q