Finally went through the Bochspwn Reloaded slides. Kudos! Feedback: rather than "Remove taint on free", you could re-taint & detect UAF+leak
-
Among "other data sinks", consider leaks into filesystem metadata (the fs may be on removable media and then given to someone else, etc.)
-
On Linux, these bug classes are probably still common on older yet maintained and on custom distro kernels. Try RHEL7 and Vz7. They'll care.
-
Thanks for the kind words and thoughtful feedback, all very good ideas. I'll follow up on them and include them in my upcoming #BHUSA talk.
-
Great! Re: Vz7, see e.g. 5 commits from Dec 5 2016 https://src.openvz.org/projects/OVZ/repos/vzkernel/commits?until=refs%2Fheads%2Fbranch-rh7-3.10.0-514.16.1.vz7.32.x-ovz … These were minor infoleaks I found & reported, they cared to fix.
-
This indeed looks promising. :)
-
Great project! It seems that we use a different method. http://www.iceswordlab.com/2017/06/14/Automatically-Discovering-Windows-Kernel-Information-Leak-Vulnerabilities_en/ …
-
Yes, it's a similar but a bit different approach. ;)
-
Great work as usual @j00ru
-
Tired of apologizing for not understanding computer stuff, but is there something I should *do*?