Devils Are in the File Descriptors - It Is Time To Catch Them All

Explore critical vulnerabilities in Linux kernel file descriptor operations in this 31-minute Black Hat conference talk. Dive into the Unix principle of "everything is a file" and examine how file descriptors (fd) are used in the Linux kernel. Uncover high-risk vulnerabilities associated with exporting and importing file descriptors between kernel and user space. Learn about newly discovered vulnerability types, including use-after-free (UAF) issues caused by race conditions and file descriptor type confusion. Gain insights into the potential security implications of these vulnerabilities and understand the importance of addressing them in Linux kernel development and system administration.

Intro
Background
Scenario of fd export operation
UAF caused by race condition
Scenario of fd import operation
Fd type confusion caused by race condition
black hat
Find the issues