34C3 - Are all BSDs created equally?

media.ccc.de

6 years ago

media.ccc.de/v...
A survey of BSD kernel vulnerabilities.
In this presentation I start off asking the question "How come there are only a handful of BSD security kernel bugs advisories released every year?" and then proceed to try and look at some data from several sources.
It should come as no surprise that those sources are fairly limited and somewhat outdated.
The presentation then moves on to try and collect some data ourselves. This is done by actively investigating and auditing: code review, fuzzing, and runtime testing on all 3 major BSD distributions [NetBSD/OpenBSD/FreeBSD]. This is done by first investigating what would be good places where the bugs might be. Once determined, a detailed review is performed of these places. Samples and demos will be shown.
I end the presentation with some results and conclusions. I will list what the outcome was in terms of bugs found, and who - based on the data I now have - among the three main BSD distributions can be seen as the clear winner and loser. I will go into detail about the code quality observed and give some pointers on how to improve some code. Lastly I will try and answer the question I set out to answer ("How come there are only a handful of BSD security kernel bugs advisories released every year?").
Ilja van Sprundel
fahrplan.event...
