OZZ: Identifying Kernel Out-of-Order Concurrency Bugs with In-Vivo Memory Access Reordering

https://dl.acm.org/doi/pdf/10.1145/3694715.3695944

/via exploits.club

@buherator

We run OZZ against mature versions of Linux, and identified 11 new OoO bugs from popular sub-systems such as TLS and BPF. We report them to kernel developers, and developers confirm and fix them accordingly.

this is SUPER cool stuff, nice to see, as defensive complexity grows so must the attack complexity, and new ways of exploiting subtle things like out-of-order (or hardware) bugs will probably be a big part of that for attackers
