Wednesday, December 6, 2023

Trick & Treat! Paying Leets and Sweets for Linux Kernel privescs and k8s escapes

We are constantly investing in the security of the Linux Kernel because much of the internet, and Google—from the devices in our pockets, to the services running on Kubernetes in the cloud—depend on the security of it. We research its vulnerabilities and attacks, as well as study and develop its defenses.

But we know that there is more work to do. That's why we have decided to build on top of our kCTF VRP from last year and triple our previous reward amounts (for at least the next 3 months).

Our base reward for each publicly patched vulnerability is 31,337 USD (at most one exploit per vulnerability), but the reward can go up to 50,337 USD in two cases:

  • If the vulnerability was otherwise unpatched in the Kernel (0day)
  • If the exploit uses a new attack or technique, as determined by Google

We hope the new rewards will encourage the security community to explore new Kernel exploitation techniques to achieve privilege escalation and drive quicker fixes for these vulnerabilities. It is important to note that the easiest exploitation primitives are not available in our lab environment due to the hardening done on Container-Optimized OS. Note that this program complements Android's VRP rewards, so exploits that work on Android could also be eligible for up to 250,000 USD (that is in addition to this program).

The mechanics are:

  1. Connect to the kCTF VRP cluster, obtain root and read the flag (read this writeup for how it was done before, and this threat model for inspiration), and then submit your flag and a checksum of your exploit in this form.
  2. (If applicable) report vulnerabilities to upstream.
    • We strongly recommend including a patch since that could qualify for an additional reward from our Patch Reward Program, but please report vulnerabilities upstream promptly once you confirm they are exploitable.
  3. Report your finding to Google VRP once all patches are publicly available (we don't want to receive details of unpatched vulnerabilities ahead of the public).
    • Provide the exploit code and the algorithm used to calculate the hash checksum.
    • A rough description of the exploit strategy is welcome.

Reports will be triaged on a weekly basis. If anyone has problems with the lab environment (if it's unavailable, technical issues or other questions), contact us on Discord in #kctf. You can read more details about the program here. Happy hunting!


