Detecting bugs and vulnerabilities in Linux
Monday, November 28, 2011
Australian researcher Silvio Cesare, PhD student at Deakin University has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may “embed” or “clone” code from 3rd party projects. This can be either statically link against external library or maintaining an internal copy of a library’s source or fork a copy of a library’s source.
The Approach of this tools is that if a source package has the other package’s filenames as a subset, it is embedded, Packages that share files are related. A graph of relationships has related packages as cliques. Graph Theory is used to perform the analysis.
Linux vendors have previously used laborious manual techniques to find holes in libraries. Debian alone manually tracks some 420 embedded packages, Cesare said at Ruxcon 2011. Silvio’s tool also automates identifying if embedded packages have outstanding vulnerabilities that have not been patched. Using this system, over 30 previously unknown vulnerabilities were identified in Linux distributions.
Keep reading