Devils Are in the File Descriptors - It Is Time To Catch Them All
Offered By: Black Hat via YouTube
Course Description
Overview
Explore critical vulnerabilities in Linux kernel file descriptor operations in this 31-minute Black Hat conference talk. Dive into the Unix principle of "everything is a file" and examine how file descriptors (fd) are used in the Linux kernel. Uncover high-risk vulnerabilities associated with exporting and importing file descriptors between kernel and user space. Learn about newly discovered vulnerability types, including use-after-free (UAF) issues caused by race conditions and file descriptor type confusion. Gain insights into the potential security implications of these vulnerabilities and understand the importance of addressing them in Linux kernel development and system administration.
Syllabus
Intro
Background
Scenario of fd export operation
UAF caused by race condition
Scenario of fd import operation
Fd type confusion caused by race condition
black hat
Find the issues
Taught by
Black Hat
Related Courses
Paradigms of Computer Programming – Abstraction and ConcurrencyUniversité catholique de Louvain via edX Concurrency in Go
University of California, Irvine via Coursera Многопоточность
Moscow Institute of Physics and Technology via Coursera Introduction to Ethereum DeFi Smart Contract Security & Exploits
Coursera Project Network via Coursera Concurrency in Go (Golang)
Udemy