Moving Vulnerable Kernel Logic Into User Space

Loading...
Thumbnail Image

Journal Title

Journal ISSN

Volume Title

Repository Usage Stats

65
views
434
downloads

Abstract

Programs which run at ring zero are a security risk. Moving code into user space can mitigate this risk. As a demonstration, a simple kernel module with vulnerable logic was used as a control case. This module was capable of targeted data exfiltration from the kernel. It was shown that moving the application logic into user space decreased the severity of the vulnerability. Furthermore, rewriting the user space program in Guile – a very high-level language – removed the vulnerability entirely.

Type

Thesis

Department

Description

Provenance

Citation