Alexander Popov

Exploiting a Linux Kernel Vulnerability in the V4L2 Subsystem

Abstract

CVE-2019-18683 refers to a bunch of 5-year-old race conditions in the V4L2 subsystem of the Linux kernel, which were fixed by Alexander Popov at the end of 2019. In this talk he will describe the PoC exploit of these issues for x86_64. Alexander will explain the effective method of hitting the race condition and show how to gain local privilege escalation from the kernel thread context, bypassing SMEP and SMAP on Ubuntu Server 18.04.

BIO

Alexander Popov has been a Linux kernel developer since 2013. He is a security researcher at Positive Technologies, where he has a lot of fun with Linux kernel vulnerabilities, exploitation techniques and defensive technologies.