Colorful Vulnerabilities - How Changing The Colors Of Your Keyboard Might Lead To Privilege Escalation
Have you ever felt excited about using a brand-new gaming keyboard? Have you dreamed of how you can increase your actions per minute while having many cool bright colors? So far, so good, but what about the software that interacts with it? Often we do not think about the repercussions of the peripheral devices we use, which might be a problem.
In this session, we will outline our research process: analyzing and investigating Razer's Linux kernel module, then finding several 0-day bugs (CVE-2022-29021, CVE-2022-29022, CVE-2022-29023) that are, oddly, determined by the number of RGB colors you have and that affect the kernel itself. The session includes a live demonstration of exploiting the bugs. Lastly, we will examine and review a modern kernel mitigation that reduces the severity of kernel buffer overflow bugs, show its implementation history with examples, and discuss how developers and attackers might approach Linux kernel bug hunting in the future.
Tal Lossos is a Security Researcher at CyberArk Labs with years of experience in kernel module development and a deep interest in OS internals. He currently focuses on bug hunting in the Linux kernel. In his recent work, Tal discovered multiple vulnerabilities in drivers that lead to elevation of privilege.
Eran Shimony is a Principal Security Researcher at CyberArk Labs with an extensive background in security research that includes years of experience in vulnerability research on multiple platforms. He previously spoke at RSA, HITB, SEC-T, No Hat, and more. Eran has discovered several dozen acknowledged vulnerabilities across major vendors including Microsoft, Intel, and Samsung.