A methodology for finding source-level vulnerabilities of the Linux kernel variables

Linux kernel provides several advantages to system developers and is widely used as an operating system in a variety of systems, including embedded systems, access routers and servers. These advantages are due to the fact that the Linux kernel is publicly available, however, this feature of openness can have negative impacts on system security. If an attacker wished to exploit Linux-based systems, the attacker could easily do so by finding and abusing the vulnerabilities of the systemspsila Linux kernel sources. There are several methods available that can find source-level vulnerabilities, but they are not always suitable for the Linux kernel. In this paper, we propose a two-step Onion mechanism as a methodology to find source-level vulnerabilities of the Linux kernel variables. The first step of the Onion mechanism is to select variables that may be vulnerable by exploiting their usage patterns. The second step is to inspect the vulnerabilities of the selected variables by making and analyzing system call trees. We also evaluate our proposed methodology by applying it to two well-known source-level vulnerabilities.