An analysis on the impact and detection of kernel stack infoleaks

This is a pre-copyedited, author-produced PDF of an article accepted for publication in Logic Journal of the IGPL following peer review. The version of record An analysis on the impact and detection of kernel stack infoleaks. Logic Journal of the IGPL, 24(6), 899-915. is available online at: https://academic.oup.com/jigpal/issue/24/6.[EN] The Linux kernel has become a fundamental component of mainstream computing solutions, now being used in a wide range of applications ranging from consumer electronics to cloud and server solutions. Being expected to continue its growth, especially in the mission-critical workloads. Parallel to the Linux adoption has increased its misuse by attackers and malicious users. This has increased attention paid to kernel security through the deployment of kernel protection mechanisms. Kernel-based attacks require reliability, where kernel attack reliability is achieved through the information gathering stage, where the attacker is able to gather enough information about the target to succeed. The taxonomy of kernel vulnerabilities includes information leaks (CWE-200), that are a class of vulnerabilities that permit access to the kernel memory layout and contents. Information leaks can improve the attack reliability enabling the attacker to read sensitive kernel data to bypass kernel based protections. In this work, we aim at the analysis and detection of stack-based information leaks to harden the security of the kernel. First, we analyse the problem of kernel infoleaks in Section 3, next, we examine the impact of infoleaks attacks on the security of the kernel in Section 4. Then, we present a technique for detecting kernel based infoleaks through static analysis Section 5. Next, we evaluate our technique by applying it to the Linux kernel in Section 6. Finally, we discuss the applications and limitations of our work (Section 6.3) and finally we draw our concluding remarks.The author wants to thank all the people that contributed to make this work possible. This work has been partially supported by the Spanish Government Research Office under grant TIN2014-56158-C4-1-P, TIN2014-56158-C4-4-P and EU Project DREAMS FP7-ICT- 610640.Peiró Frasquet, S.; Muñoz Alcobendas, M.; Crespo Lorente, A. (2016). An analysis on the impact and detection of kernel stack infoleaks. Logic Journal of the IGPL. 24(6):899-915. https://doi.org/10.1093/jigpal/jzw049S89991524