Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Kernel downloader and vulnerability verifier #451

Merged
merged 28 commits into from
Jan 11, 2023

Conversation

m-1-k-3
Copy link
Member

@m-1-k-3 m-1-k-3 commented Jan 10, 2023

  • What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)

Feature

  • What is the current behavior? (You can also link to an open issue here)

Kernel vulnerabilities only identified with the identified version number
Also addressed issue #450

  • What is the new behavior (if this is a feature change)? If possible add a screenshot.

Module s24 extracts the kernel config (https://raw.githubusercontent.com/torvalds/linux/master/scripts/extract-ikconfig) and the symbols (https://github.com/marin-m/vmlinux-to-elf) of the kernel.
Download helper module downloads the vanilla kernel sources
Module s26 tries to build the kernel based on the extracted config (see https://arxiv.org/pdf/2209.05217.pdf)
Additionally s26 identifies vulnerabilities based on symbols.

Closes #450

  • Does this PR introduce a breaking change? (What changes might users need to make in their application due to this PR?)

Massive improvement of identified kernel vulnerabilities.

image

image

@m-1-k-3 m-1-k-3 added enhancement New feature or request reporting reporting topics (e.g., web reporter) labels Jan 10, 2023
@m-1-k-3 m-1-k-3 merged commit a019263 into e-m-b-a:master Jan 11, 2023
@m-1-k-3 m-1-k-3 deleted the kernel_downloader branch January 20, 2023 11:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request reporting reporting topics (e.g., web reporter)
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Freetz-NG installation missing fit tools
2 participants