YoVDO

Meaningful Bounds Checking in the Linux Kernel - Addressing Buffer Overflows

Offered By: Linux Foundation via YouTube

Tags

Linux Kernel Security Courses, C Programming Courses, String Manipulation Courses, Heap Overflows Courses, Memory Safety Courses

Course Description

Overview

Explore the critical topic of buffer overflow vulnerabilities in the Linux kernel through this informative conference talk from LSS NA 2022. Begin with a welcome and opening remarks by James Morris, then delve into Kees Cook's presentation on "Meaningful Bounds Checking in the Linux Kernel." Gain insights into the persistent challenge of heap overflows in C code and their impact on kernel security. Examine real-world examples from the past three years of heap buffer overflow CVEs, including the BleedingTooth exploit. Learn about the limitations of C language standards, APIs, kernel coding conventions, and compiler bugs that contribute to this problem. Discover the innovative solutions being developed in the Linux kernel to address array index overflows, string manipulation overflows, and memcpy overflows. Explore the history of C flexible arrays, the unexpected limitations of compiler options like "-Warray-bounds" and "-fsanitize=bounds," and the constraints of "__builtin_object_size." Understand how the Linux kernel community is working to replace memcpy with more secure alternatives to prevent future buffer overflow vulnerabilities.

Syllabus

Welcome & Opening Remarks - James Morris & Meaningful Bounds Checking in the Linux Kernel - Kees Cook


Taught by

Linux Foundation

Related Courses

UNSW Computing 1 - The Art of Programming
OpenLearning
C++ For C Programmers, Part A
University of California, Santa Cruz via Coursera
Beginning Game Programming with C#
University of Colorado System via Coursera
Introduction to Computing 计算概论A
Peking University via Coursera
Comprendre les Microcontroleurs
École Polytechnique Fédérale de Lausanne via Coursera