Preventing Kernel Hacks with HAKCs.

DP McKee, Y Giannaris, C Ortega, HE Shrobe… - NDSS, 2022 - ndss-symposium.org
Commodity operating system kernels remain monolithic for practical and historical reasons.
All kernel code shares a single address space, executes with elevated processor privileges …

You shall not (by)pass! Practical, secure, and fast PKU-based sandboxing

A Voulimeneas, J Vinck, R Mechelinck… - Proceedings of the …, 2022 - dl.acm.org
Memory Protection Keys for Userspace (PKU) is a recent hardware feature that allows
programs to assign virtual memory pages to protection domains, and to change domain …

Sysfilter: Automated system call filtering for commodity software

N DeMarinis, K Williams-King, D Jin… - … on Research in Attacks …, 2020 - usenix.org
Modern OSes provide a rich set of services to applications, primarily accessible via the
system call API, to support the ever growing functionality of contemporary software …

DirtyCred: Escalating privilege in Linux kernel

Z Lin, Y Wu, X Xing - Proceedings of the 2022 ACM SIGSAC Conference …, 2022 - dl.acm.org
The kernel vulnerability DirtyPipe was reported to be present in nearly all versions of Linux
since 5.8. Using this vulnerability, a bad actor could fulfill privilege escalation without …

DynPTA: Combining static and dynamic analysis for practical selective data protection

T Palit, JF Moon, F Monrose… - 2021 IEEE Symposium …, 2021 - ieeexplore.ieee.org
As control flow hijacking attacks become more challenging due to the deployment of various
exploit mitigation technologies, the leakage of sensitive process data through the …

EPK: Scalable and Efficient Memory Protection Keys

J Gu, H Li, W Li, Y Xia, H Chen - 2022 USENIX Annual Technical …, 2022 - usenix.org
As a hardware mechanism for facilitating intra-process memory isolation, Intel Memory
Protection Keys (MPK) has been leveraged to efficiently improve the isolation, security, or …

BeeBox: Hardening BPF against Transient Execution Attacks

D Jin, AJ Gaidis, VP Kemerlis - 33rd USENIX Security Symposium …, 2024 - usenix.org
The Berkeley Packet Filter (BPF) has emerged as the de-facto standard for carrying out safe
and performant, user-specified computation(s) in kernel space. However, BPF also …

A hybrid alias analysis and its application to global variable protection in the Linux kernel

G Li, H Zhang, J Zhou, W Shen, Y Sui… - 32nd USENIX Security …, 2023 - usenix.org
Global variables in the Linux kernel have been a common target of memory corruption
attacks to achieve privilege escalation. Several potential defense mechanisms can be …

PET: Prevent discovered errors from being triggered in the Linux kernel

Z Wang, Y Chen, Q Zeng - 32nd USENIX Security Symposium (USENIX …, 2023 - usenix.org
The Linux kernel is the backbone of modern society. When a kernel error is discovered, a
quick remediation is needed. Whereas sanitizers greatly facilitate root cause diagnosis …

SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel

L Maar, S Gast, M Unterguggenberger… - 33rd USENIX Security …, 2024 - usenix.org
While the number of vulnerabilities in the Linux kernel has increased significantly in recent
years, most have limited capabilities, such as corrupting a few bytes in restricted allocator …