This repository contains source for my Master’s Thesis on different types of Linux Kernel Vulnerabilities that exist today. It consists of a survey of ~10 years of Linux Kernel CVEs (2007-2016), divides them into various broad categories of Vulnerabilities and includes existing mitigation for them.
While the mitigation aren’t exhaustive, they are sampled from both Research Literature and industry i.e. existing code in Linux Kernel, out-of-tree patches etc. It also includes various tools that can be used to analyze and detect various kind of Vulnerabilities.
The entire thesis is divided into 5 chapters, first 3 of which are related to Linux Kernel Vulnerabilities. 4th chapter talks about Return Oriented Programming attacks. 5th Chapter concludes with what classes of vulnerabilities do and don’t have any pro-active solution for them.
You can browse a copy in the repository or have a look at the PDF. PDF has slightly better formatting and comes with complete references.
A Decade of Linux Kernel Vulnerabilities, their Mitigation and Open Problems (c) by Abhilash Raj
The contents of this repository are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
You should have received a copy of the license along with this work. If not, see http://creativecommons.org/licenses/by-sa/4.0/.