About
I’m a software security engineer focusing on fuzzers, exploits, and mitigations for the Linux and Android kernels. I’m also interested in the physical aspects of security like hardware hacking and lockpicking.
Email: andreyknvl@gmail.com
PGP: keybase.io
Twitter: @andreyknvl
GitHub: @xairy
Telegram: @xairylog [ru]
Conference Talks
2020, Android Security Symposium: Memory Tagging for the Kernel: Tag-Based KASAN [slides] [video]
2019, OffensiveCon: Coverage-Guided USB Fuzzing with Syzkaller [slides] [video]
2017, PHDays: How to find 0days in the Linux kernel [slides]
2015, LinuxCon: KernelAddressSanitizer: a fast memory error detector for the Linux kernel [slides]
Exploit Writeups
CVE-2017-18344: arbitrary-read vulnerability in the timer subsystem [announcement]
CVE-2017-1000112: Memory corruption due to UFO to non-UFO path switch [announcement]
CVE-2017-7308: Exploiting the Linux kernel via packet sockets [article]
CVE-2017-6074: DCCP double-free vulnerability (local root) [announcement]
CVE-2016-2384: Exploiting a double-free in the USB-MIDI Linux kernel driver [article]
GitHub
github.com/xairy/kernel-exploits (My proof-of-concept exploits for the Linux kernel)
github.com/xairy/linux-kernel-exploitation (A collection of links related to Linux kernel exploitation)
github.com/xairy/vmware-exploitation (A collection of links related to VMware escape exploits)
github.com/xairy/easy-linux-pwn (A set of Linux binary exploitation tasks on various architectures)
github.com/xairy/unlockdown (Disabling kernel lockdown on Ubuntu without physical access)
Open Source Contributions
Linux kernel [commits]
syzkaller [commits]
Hardware Village
2016-2020: Introduction to USB Hacking [materials]
2019: Introduction to PCIe and DMA attacks [materials]
Other Smaller Talks
2018, DC4822: Syzkaller: coverage-guided fuzzer for the Linux kernel [slides]
2015: KernelThreadSanitizer (KTSAN): a data race detector for the Linux kernel [slides]
2014: Automatic Detection of Race Conditions in the Linux Kernel [ru] [slides]
2013: AddressSanitizer for Linux Kernel [slides]
Thesis
2016, Master: Automatic Detection of Race Conditions in the Linux Kernel [ru] [slides] [paper]
2014, Bachelor: Automatic Detection of Dynamic Memory Errors in the Linux Kernel [ru] [slides] [paper]
Teaching
2014-2016, MIPT: A small course on CTF (wargames) for beginners [ru] [course]