This talk will provide an introduction to the Linux kernel, the core component of an operating system, and its attack surface. The speaker will discuss the differences between userspace and kernel-space and the security implications of each. He will explain how attackers can exploit kernel vulnerabilities for privilege escalation and other malicious goals. The talk will cover the environment setup for kernel debugging, various types of kernel bugs and their impact, and different mitigations and bypasses that can be used to protect against kernel exploits. A ret2user exploit will be demonstrated, and the talk will conclude with a discussion of fuzzing the kernel and reporting bugs. Overall, this talk will provide a comprehensive overview of Linux kernel security
The talk will be given by Ivor Canjuga (@santaclzz), a hobbyist vulnerability researcher interested in discovering 0 days. He enjoys developing challenges for CTF competitions and has practical experience in penetration testing and bug bounty programs. Ivor is skilled in binary exploitation, focusing on finding and utilizing system vulnerabilities.