K-LEAK: Towards Automating the Generation of Multi-Step Infoleak Exploits against the Linux Kernel

Zhengchuan Liang

Network and Distributed System Security (NDSS) Symposium 2024 · Day 2 · Privacy & Fingerprinting

The security of the operating system kernel is paramount, as it forms the trusted computing base for all modern systems. Despite continuous efforts, memory errors such as **out-of-bounds (OOB)** and **use-after-free (UAF)** vulnerabilities, largely due to the kernel's implementation in memory-unsafe languages like C and assembly, remain primary attack vectors. Modern kernels have implemented sophisticated exploit mitigations, with **Kernel Address Space Layout Randomization (KASLR)** being a critical example designed to randomize memory layouts and make reliable control-flow hijacking attacks exceedingly difficult. This is precisely where **information leaks (infoleaks)** become indispensable, as they serve to bypass KASLR by disclosing sensitive memory addresses or contents, including cryptographic keys.