A Bug Hunter's Perspective on Unix Drivers

Presented at ToorCon San Diego 17 (2015), Oct. 24, 2015, 2 p.m. (50 minutes).

The Unix driver space with regards to security has been understudied compared to it’s vast attack surface. One juicy area that can be especially buggy and accessible in drivers, I/O control, has received much more attention on Windows than Unix OSes. In this presentation, I will give an introduction to this particular attack surface on Linux, why bugs here are a significant threat and show you how get started looking for vulnerabilities in drivers on the platform. I’ll also go into some of the tools and techniques available and talk about a new tool I’ve written that can help bug hunters dig into Unix device drivers.


Presenters:

  • Jeremy Brown
    Jeremy is a security researcher focused on application security, largely involved in vulnerability research and development. He has gained extensive software security experience working at a large software company for several years on various projects including exploit mitigations, scalable fuzzing and kernel security. Hybrid research and tooling with both offensive and defensive research has improved how the product finds vulnerabilities and the robustness of the product’s code in order to be resilient against attack, respectively. Other interests include static analysis, penetration testing and all things fascinating in the field of computer security.

Links:

Similar Presentations: