Kernel Assure

Please see our ASPLOS 09 paper: ASSURE: automatic software self-healing using rescue points

 

Let’s say the below bugs occur, how do you detect them?

 

Good Bugs for KAssure (with Proof Of Concept):

CVE-2008-6079 (EXPLOIT http://www.milw0rm.com/exploits/7405) denial of service (kernel infinite loop)

 

Good Bugs for KAssure: (might have POC)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6106 (7.5 multiple buffer overflows – cause a denial of service (crash) – might be possible)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5751 (7.2 Integer overflow – execute arbitrary code)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2358 (7.2 gain privileges via an invalid feature length, which leads to a heap-based buffer overflow)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0771 (4.9 allows local users to cause a denial of service (system hang) – has POC)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2944 (4.9 denial of service – oops)

 

Maybe (but specific to something):

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6056 (4.9 SELinux hooks – DOS crash – demonstrated using an HFS filesystem image)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6057 (4.9 Fedora Core 6 & possibly other operating systems, allows local users to cause a denial of service (crash))

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1615 (4.9 AMD64 architectures – crash)

 

Not worthwhile bugs:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0598 (4.9 read uninitialized memory)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-0731 (7.5 AppArmor change_hat system call – Might Allow / No Proof of Concept)

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-5755 (4.9 x86_64 DOS by crash) 

// Linus Git Tree.


Fatal error: Call to undefined function feedList() in /home/carlosrene/html/wp-content/themes/Infinity/right.php on line 16