How STACKLEAK improves Linux kernel security
STACKLEAK is a Linux kernel security feature initially created by Grsecurity/PaX developers. Alexander Popov took on the task of introducing STACKLEAK into the Linux kernel mainline. In this talk Alexander describes the inner workings of this security feature and why the vanilla kernel needs it. In fact, STACKLEAK mitigates several types of Linux kernel vulnerabilities due to:
- reducing the information that can be revealed through kernel stack leak bugs;
- blocking some uninitialized stack variable attacks;
- introducing some runtime checks for kernel stack overflow detection.
Alexander Popov is a Linux kernel developer since 2013. He is a security researcher at Positive Technologies where he has a lot of fun with the Linux kernel vulnerabilities, exploitation techniques and defensive technologies.