Dealing with Uninitialized Memory in the Linux Kernel

Explore a conference talk on addressing uninitialized memory issues in the Linux kernel. Learn about KMSAN, a compiler instrumentation-based detector that has uncovered over a hundred bugs in the upstream kernel through fuzzing. Discover the potential security risks posed by these bugs, including data leaks and control flow subversion. Examine the current state of kernel code coverage and the vast number of bugs still lurking in areas like USB device drivers. Delve into Linux 5.3 features that perform stack and heap initialization, their suitability for production use, and potential improvements. Gain insights into the ongoing challenge of uninitialized memory bugs and the importance of proactive measures for kernel vendors maintaining older versions.

Dealing with Uninitialized Memory in the Kernel - Alexander Potapenko, Google