A Context-Sensitive, Outlier-Based Static Analysis to Find Kernel Race Conditions

arXiv:2404.00350v1 Announce Type: cross
Abstract: Race conditions are a class of bugs in software where concurrent accesses to shared resources are not protected from each other. Consequences of race conditions include privilege escalation, denial of service, and memory corruption which can potentially lead to arbitrary code execution. However, in large code bases the exact rules as to which fields should be accessed under which locks are not always clear. We propose a novel static technique that infers rules for how …

analysis arbitrary code arbitrary code execution arxiv bugs can class code code execution conditions consequences context corruption cs.cr cs.se denial of service escalation find kernel large memory memory corruption privilege privilege escalation race race conditions resources sensitive service software static analysis