Clash, Burn, and Exploit Manipulate Filters to Pwn kernelCTF
HexRabbit Chen
DEF CON 32 Main Stage · Day 1 · Main Stage
In this highly technical talk, HexRabbit Chen, a security researcher from Devcore, dissects the intricacies of **NS tables**, the Linux kernel's modern packet filtering framework, revealing critical vulnerabilities that allowed him to compromise Google's demanding **kernelCTF** challenge. The presentation, titled "Clash, Burn, and Exploit: Manipulate Filters to Pwn kernelCTF," offers a deep dive into NS tables' internal architecture, its batch processing mechanism, and the subtle flaws in its object lifecycle management that can lead to severe kernel vulnerabilities.
AI review
HexRabbit Chen's dissection of NS tables' batch processing mechanism and object lifecycle management is a masterclass in kernel vulnerability research. He uncovers a subtle, yet critical, use-after-free vulnerability stemming from inconsistent state checks during batch aborts, leading to a successful compromise of Google's demanding kernelCTF. This talk delivers exceptional technical depth, novel insights into a complex kernel subsystem, and demonstrates the real-world impact of meticulous code auditing.