Djalal Harouni
open-menu closeme
Home
About
PGP Key
RSS
linkedin github twitter mastodon rss

  • Prevent Overlayfs Privilege Escalation on Ubuntu Kernels with Yaml (bpf)!

    calendar 02 Aug 2023, 00:00 · 3 min read · opensource linux kernel bpf security tetragon  ·
    Share on: twitter facebook linkedin copy
    Prevent Overlayfs Privilege Escalation on Ubuntu Kernels with Yaml (bpf)!

    Past week Wiz blogged about Overlayfs bugs that can be abused on Ubuntu Kernels to perform privilege escalation, named GameOver(lay) read more here. Those are CVE-2023-2640 and CVE-2023-32629, also Datadog has another writeup about a previous Overlayfs upstream vulnerability CVE-2023-0386. Background All these are …


    Read More

  • Kernel Image Lockdown and eBPF Flexibility!

    calendar 11 Feb 2022, 00:00 · 6 min read · opensource linux kernel bpf security  ·
    Share on: twitter facebook linkedin copy
    Kernel Image Lockdown and eBPF Flexibility!

    The Kernel Lockdown feature that was merged in Linux 5.4 is designed to prevent both direct and indirect access to a running kernel image, attempting to protect against unauthorized modification of the kernel image and to prevent access to security and cryptographic data located in kernel memory, whilst still …


    Read More

  • eBPF: Block Linux Fileless Payload "Malware" Execution with BPF LSM

    calendar 06 Feb 2022, 00:00 · 6 min read · opensource linux kernel bpf security IoT  ·
    Share on: twitter facebook linkedin copy
    eBPF: Block Linux Fileless Payload "Malware" Execution with BPF LSM

    Due to the security features that Linux offers, like booting directly into a readonly filesystem, making filesystems readonly at runtime for apps and containers, some attacks have been using what is known as "fileless binary execution" to avoid such protections, and gain the ability to execute binaries …


    Read More

  • eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security

    calendar 04 Jan 2022, 00:00 · 1 min read · opensource linux kernel bpf security IoT  ·
    Share on: twitter facebook linkedin copy
    eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security

    At the eBPF Summit 2021, I gave a talk about how to take advantage of eBPF to try to bridge some cloud and IoT security features. My Talk can be found here: BPF to bridge Cloud and IoT Linux Security on youtube All eBPF Summit 2021 here: eBPF Summit 2021 Youtube Channel


    Read More

Djalal Harouni

Open Source Software Hacker / Cloud / Linux kernel / BPF / systemd from DZ.
Read More

Featured Posts

  • Prevent Overlayfs Privilege Escalation on Ubuntu Kernels with Yaml (bpf)!
  • Kernel Image Lockdown and eBPF Flexibility!
  • eBPF: Block Linux Fileless Payload "Malware" Execution with BPF LSM
  • eBPF Summit 2021 - Talk: BPF to bridge Cloud and IoT Linux Security
  • DZ Open Source contributions into space Mars 2020 Helicopter, Ingenuity
  • Modernization of Linux proc filesystem and containers security
  • Linux kernel improve Module autoloading infrastructure
  • Hardening Linux-based IoT systems

Recent Posts

  • All systems go Conference - Modern deployment for Embedded Linux and IoT Talk
  • Hardening Linux-based IoT systems

Categories

LINUX 11 OPENSOURCE 10 TECHNOLOGY 7 BPF 4 SECURITY 4 TETRAGON 1

Tags

LINUX 11 OPENSOURCE 11 KERNEL 10 SECURITY 10 BPF 4 IOT 4 CONTAINERS 2 SYSTEMD 2 ALGERIA 1 CONFERENCE 1 MARS 1 SPACE 1 TETRAGON 1
Djalal Harouni

Copyright  DJALAL HAROUNI. All Rights Reserved

to-top