Skip to main content

Towards Exploitability Assessment for Linux Kernel Vulnerabilities

Yueqi Chen

Exploitability assessment could facilitate the prioritization of vulnerability remediation. In the past, security researchers and analysts assess exploitability for vulnerabilities by generating exploits manually. These methods involve a tremendous amount of human effort and require significant expertise. In order to solve this problem, automated exploitation approaches are introduced. However, as I will demonstrate in this talk, the effectiveness of existing automated exploitation approaches is limited by many assumptions. For example, the existing approaches mostly assume the state space of the program is limited, no security protection or exploit mitigation is enabled, and the capability of a vulnerability is already known. In this talk, I will introduce three lines of research works to tackle the problem of exploitability assessment without any assumptions. More specifically, I will talk about how we utilize static and dynamic analysis approaches to (1) explore the capability of a vulnerability, (2) pinpoint useful objects to obtain control over necessary registers, and (3) identify general exploitation chains to bypass widely-deployed kernel mitigation. Along with the introduction of these techniques, I will also demonstrate their practical impacts by using real-world vulnerabilities.

Speaker bio

Yueqi Chen received his B.Sc degree from Nanjing University in 2017 and is currently a Ph.D. student with Dr. Xinyu Xing at Pennsylvania State University. His research interest includes OS security and vulnerability analysis. Along this thread, he has published 5 papers in ACM CCS, USENIX Security, and IEEE/ACM ASE as leading author and co-authors over the past two years. His work has been applied in enterprise security risk early warning and awarded one of ten technical events of JD.com in 2018. Besides, he participated in DEF CON 26 CTF Final as a team member of r3kapig in 2018 and ranked 5th in NSA codebreaker 2017.

Share this: