YoVDO

Kernel Self-Protection Project: Eliminating Bug Classes and Blocking Exploitation Techniques

Offered By: Linux Foundation via YouTube

Tags

Linux Kernel Security Courses Software Development Courses Cybersecurity Courses Vulnerability Management Courses Memory Safety Courses Control-Flow Integrity Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the latest developments in the Kernel Self-Protection Project in this 25-minute conference talk by Kees Cook from Google. Gain insights into the project's efforts to eliminate bug classes and block kernel exploitation techniques. Learn about security defenses implemented in kernels 4.19 through 5.3, including stack and heap auto-initialization, heap mapping robustness, per-task stack canaries, VLA removal, and implicit-fallthrough removal. Discover the progress on upstreaming Control Flow Integrity (CFI) and examine the evolution of kernel CVE lifetimes. Get an overview of ongoing defense developments and areas requiring further assistance. The presentation covers topics such as bugfighting, exploitation methods, memory safety languages, and upcoming features, concluding with a discussion of challenges and a Q&A session.

Syllabus

Intro
Why is this important
Bugfighting
Car analogy
Killing bugs
Killing bug classes
Exploitation methods
Memory safety languages
Kernel Subduction Project
Kernel Updates
Vulnerabilities
Conversions
Bugs
More conversions
Expected for 53
Upcoming features
Challenges
Questions


Taught by

Linux Foundation

Tags

Related Courses

Software as a Service
University of California, Berkeley via Coursera Software Testing
University of Utah via Udacity The Hardware/Software Interface
University of Washington via Coursera Software Debugging
Saarland University via Udacity Introduction to Systematic Program Design - Part 1
The University of British Columbia via Coursera