Attacking the kernel via its command line
June 20, 2017
Nur Hussein
The kernel’s command line allows the specification of many operating parameters at boot time. A silly bug in command-line parsing was reported by Ilya Matveychikov on May 22; it can be exploited to force a stack buffer overflow with a controlled payload that can overwrite memory. The bug itself stems from a bounds-checking error that, while simple, has still been in the Linux kernel source since version 2.6.20. The subsequent disclosure post by Matveychikov in the oss-security list spawned a discussion on what constitutes a vulnerability, and what is, instead, merely a bug. […]
https://lwn.net/Articles/725860/
Follow-up conversation is interesting, as well. Includes a pointer to a few things, such as this blog post:
