Add CWE-200 to list of bugs detectable by KMSAN

a13xp0p0v / linux-kernel-defence-map

Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies

GNU General Public License v3.0

1.77k stars 122 forks source link

Add CWE-200 to list of bugs detectable by KMSAN #2

Closed ramosian-glider closed 5 years ago

ramosian-glider commented 5 years ago

To some extent, KMSAN can detect info exposures (aka information leaks). E.g. it reports copying of uninitialized stack/heap data to the userspace. See https://github.com/google/kmsan/wiki/KMSAN-Trophies for examples.

a13xp0p0v commented 5 years ago

Hello @ramosian-glider, Thanks a lot for your pull request!