|Abstract or Summary
- The aim of this thesis is to study past 10 years of security vulnerabilities reported against
Linux Kernel and all existing mitigation techniques that prevent the exploitation of those
vulnerabilities. To systematically study the security vulnerabilities, they were catego-
rized into classes and sub-classes based on their type.
This thesis first examines over 1100 Common Vulnerabilities and Exposures (CVEs) re-
ported against Linux Kernel in the period of past 10 years. It then presents a survey
of techniques that exist today to prevent exploitation or mitigate impact of these vul-
nerabilities. Techniques surveyed include those added to Linux kernel in past few years,
notable patches and those proposed in research papers but not yet adopted. Finally,
based on the above analysis, this thesis discusses the gaps in the security of Linux Ker-
nel that cannot be efficiently mitigated using the existing techniques and explores open
problems for future research.