Home Publications Technical Escalating Privileges in Linux using Fault Injection

Escalating Privileges in Linux using Fault Injection

Author: Konstantin Goncharov

Today’s standard embedded device technology is not robust against Fault Injection (FI) attacks such as Voltage Fault Injection (V-FI)

Voltage Fault Injection

Today’s standard embedded device technology is not robust against Fault Injection (FI) attacks such as Voltage Fault Injection (V-FI). FI attacks can be used to alter the intended behavior of software and hardware of embedded devices. Most FI research focuses on breaking the implementation of cryptographic algorithms. However, this paper’s contribution is in showing that FI attacks are effective at altering the intended behavior of large and complex code bases like the Linux Operating System (OS) when executed by a fast and feature rich System-on-Chip (SoC). More specifically, we show three attacks where full control of the Linux OS is achieved from an unprivileged context using V-FI. These attacks target standard Linux OS functionality and operate in absence of any logical vulnerability.

ARM Cortex-A9 SoC development board

We assume an attacker that already achieved unprivileged code execution. The practicality of the attacks is demonstrated using a commercially available V-FI test bench and a commercially available ARM Cortex-A9 SoC development board. Finally, we discuss mitigations to lower probability and minimize impact of a successful FI attack on complex systems like the Linux OS.

Slides (download PDF):

Recent publications

Fault Mitigation Patterns

Fault Mitigation Patterns

To make it easier for developers to protect their security-critical devices, Riscure created this paper discussing patterns that can cost-effectively mitigate the code.

read more
Share This