Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking by j00ru
In Summary : One of the responsibilities of modern operating systems is to enforce privilege separation between user-mode applications and...
https://updatesinfosec.blogspot.com/2018/06/detecting-kernel-memory-disclosure-with.html
In Summary :
One of the responsibilities of modern operating systems is to enforce privilege separation between user-mode applications and the kernel. This includes ensuring that the influence of each program on the execution environment is limited by the defined security policy, but also that programs may only access the information they are authorized to read. The latter goal is especially difficult to achieve considering that the properties of C– the main programming language used in kernel development – make it highly challenging to securely pass data between different security do- mains. There is a significant risk of disclosing sensitive leftover kernel data hidden amidst the output of otherwise harmless system calls, unless special care is taken to prevent the problem. Issues of this kind can help bypass security mitigations such as KASLR and StackGuard, or retrieve information processed by the kernel on behalf of the system or other users, e.g. file contents, network traffic, cryptographic keys and so on[...]
kindly refer the following link as follow up :
https://ift.tt/2ywbIwZ
One of the responsibilities of modern operating systems is to enforce privilege separation between user-mode applications and the kernel. This includes ensuring that the influence of each program on the execution environment is limited by the defined security policy, but also that programs may only access the information they are authorized to read. The latter goal is especially difficult to achieve considering that the properties of C– the main programming language used in kernel development – make it highly challenging to securely pass data between different security do- mains. There is a significant risk of disclosing sensitive leftover kernel data hidden amidst the output of otherwise harmless system calls, unless special care is taken to prevent the problem. Issues of this kind can help bypass security mitigations such as KASLR and StackGuard, or retrieve information processed by the kernel on behalf of the system or other users, e.g. file contents, network traffic, cryptographic keys and so on[...]
kindly refer the following link as follow up :
https://ift.tt/2ywbIwZ
