Computer Science Seminar: “Randomization Can't Stop BPF JIT Spray”

Thursday 21 September 2017, 15:00 - Meeting Room, 7th Floor - Filippo Bonazzi


On Thursday 21 September 2017 at 15:00, in the Meeting Room on the 7th Floor, Filippo Bonazzi (Aalto University) will give a seminar entitled “Randomization Can't Stop BPF JIT Spray”.

Berkeley Packet Filter (BPF) is a mechanism introduced in the Linux kernel as a way to perform fast line-speed filtering of network packets. To achieve sufficient filtering speeds, a Just-In-Time compiler was added to BPF, effectively transforming it into a general-purpose mechanism to safely support interpreted code injected into a Linux kernel. The JIT compiler was attacked back in 2012 by Keegan McCallister, who used it to inject an exploit payload. Upstream Linux mitigations adopted in response were limited to randomization. This talk will present a modified proof of concept that demonstrates the possibility of a successful BPF JIT spray attack on the 4.4 upstream Linux kernel, and discuss the appropriate mitigations which have since been merged in the 4.7 upstream Linux kernel.

