Month: June 2021

How to Discover and Prevent Linux Kernel Zero-day Exploit using Formal Verification

Leave a comment
Formal Verification

Recently a zero-day exploit (CVE-2021-31440) was found in the Linux kernel eBPF module. We will show how this bug could have been discovered and prevented using formal verification. A relatively simple logical error caused this bug, but it is easy to overlook and could lead to grave security implications. The bugs like this are difficult to find via exhaustive testing as the space of value combinations you need to test to stumble on it is […]