oh neat, I hadn't heard that NCC Group recently did an audit of the Linux eBPF subsystem:
https://www.linuxfoundation.org/hubfs/eBPF/eBPF%20Verifier%20Security%20Audit.pdf
They found a verifier bug, made a nice table of all the security bugs that people found in the history of eBPF, and a bunch of other stuff.
See also https://hachyderm.io/@pchaigno/113120541957093776
=> More informations about this toot | View the thread | More toots from jann@infosec.exchange
text/geminiThis content has been proxied by September (ba2dc).