YoVDO

Devils Are in the File Descriptors - It Is Time To Catch Them All

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Race Conditions Courses Vulnerability Research Courses Linux Kernel Security Courses

Course Description

Overview

Explore critical vulnerabilities in Linux kernel file descriptor operations in this 31-minute Black Hat conference talk. Dive into the Unix principle of "everything is a file" and examine how file descriptors (fd) are used in the Linux kernel. Uncover high-risk vulnerabilities associated with exporting and importing file descriptors between kernel and user space. Learn about newly discovered vulnerability types, including use-after-free (UAF) issues caused by race conditions and file descriptor type confusion. Gain insights into the potential security implications of these vulnerabilities and understand the importance of addressing them in Linux kernel development and system administration.

Syllabus

Intro
Background
Scenario of fd export operation
UAF caused by race condition
Scenario of fd import operation
Fd type confusion caused by race condition
black hat
Find the issues


Taught by

Black Hat

Related Courses

Paradigms of Computer Programming – Abstraction and Concurrency
Université catholique de Louvain via edX
Concurrency in Go
University of California, Irvine via Coursera
Многопоточность
Moscow Institute of Physics and Technology via Coursera
Introduction to Ethereum DeFi Smart Contract Security & Exploits
Coursera Project Network via Coursera
Concurrency in Go (Golang)
Udemy