oh neat, I hadn't heard that NCC Group recently did an audit of the Linux eBPF subsystem:
https://www.linuxfoundation.org/hubfs/eBPF/eBPF%20Verifier%20Security%20Audit.pdf
They found a verifier bug, made a nice table of all the security bugs that people found in the history of eBPF, and a bunch of other stuff.
See also https://hachyderm.io/@pchaigno/113120541957093776
Jann Horn /
npub1cq…zc57k
2024-12-03 19:43:06
Author Public Key
npub1cqr5zm9p85a7r3uqzgwhlrl95p0g4jxe8wj9s8e3vy2uxgutj62snzc57kPublished at
2024-12-03 19:43:06Event JSON
{
"id": "62f9e4432693b3d879e9142d8a0353255c8efe760691f084ebf94cd91ddbb0db",
"pubkey": "c007416ca13d3be1c780121d7f8fe5a05e8ac8d93ba4581f316115c3238b9695",
"created_at": 1733254986,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/jann/statuses/113590598765623907",
"activitypub"
]
],
"content": "oh neat, I hadn't heard that NCC Group recently did an audit of the Linux eBPF subsystem:\nhttps://www.linuxfoundation.org/hubfs/eBPF/eBPF%20Verifier%20Security%20Audit.pdf\n\nThey found a verifier bug, made a nice table of all the security bugs that people found in the history of eBPF, and a bunch of other stuff.\n\nSee also https://hachyderm.io/@pchaigno/113120541957093776",
"sig": "e275a132090490f7be99fe93505c9ce68cbba5dbecc66d3951581ea6636b824cf1da629d252d8260f794e59c24d8cb48a3371b849f6dd7b288ee434493c269c3"
}