Buffer overflows and counter meassures employed in openSUSE
Counter meassures against buffer overflows and how to circumvent them
Johannes Segitz
Security engineer at SUSE.
Since my time as a teenager in the 90s I was interested in IT security. After visiting my first CCC congress I got hooked and never looked back. In the last ten years I am a member of the SUSE security team and try to make open source software more secure.
No video of the event yet, sorry!
This talk gives a short introduction into buffer overflows, how to exploit them and which counter measures are used in openSUSE Linux to make exploitation harder.
We'll cover stack canaries, fortify source, address space layout randomization and NX. We'll see how they work and how they can be circumvented in a live demo of a working exploit that manages to circumvent these security measures.
Slides for the talk: https://www.slideshare.net/douglasdemaio/buffer-overflows-and-counter-meassures-employed-in-open-suse
- Date:
- 2019 March 8 - 13:00
- Duration:
- 45 min
- Room:
- Ballroom F
- Conference:
- openSUSE Summit at SCaLE17x
- Language:
- Track:
- Difficulty:
- Medium