Study and Analysis of ELF Vulnerabilities in Linux
Biswajit Sarma, Srishti Dasgupta
Abstract
Internally, the Linux kernel uses a binary format loader layer to implement the low-level, format-dependent functionality of the execve() system call, which replaces the current process with a new one or executes a new process. The common execve() code contains just a few helper functions used to load the new binary and leaves the format-specific work to a specialized binary format loader. One of the Linux format loaders is the ELF (Executable and Linkable Format) loader. There are three header areas in an ELF file: the main ELF header, the program headers, and the section headers. The program code lies between the program headers and the section headers. This paper takes a look at the Linux ELF file format and examines possibilities for file virus infectors.
Keywords
Linux, Execve, Loader, Virus.
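The header layout described in the abstract can be checked directly against a file. The following Python example is added here and is not from the paper; it locates the three header areas of an ELF64 image and reports two things a defender would inspect: bytes appended after the section header table, and whether the entry point lies in an executable PT_LOAD segment. The function names and the 192-byte sample image are constructed for illustration.

```python
import struct

EHDR = struct.Struct("<16sHHIQQQIHHHHHH")  # Elf64_Ehdr, little-endian, 64 bytes
PHDR = struct.Struct("<IIQQQQQQ")          # Elf64_Phdr, 56 bytes
PT_LOAD, PF_X = 1, 1

def header_areas(image: bytes) -> dict:
    """Byte ranges of the three header areas, the span between them, and any tail."""
    if len(image) < EHDR.size or image[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if image[4] != 2 or image[5] != 1:
        raise ValueError("only ELF64 little-endian is handled here")
    f = EHDR.unpack_from(image)
    phoff, shoff, ehsize, phentsize, phnum, shentsize, shnum = f[5], f[6], *f[8:13]
    areas = {
        "elf_header": (0, ehsize),
        "program_headers": (phoff, phoff + phentsize * phnum),
        "section_headers": (shoff, shoff + shentsize * shnum),
    }
    for name, (_, end) in areas.items():
        if end > len(image):
            raise ValueError(f"{name} runs past end of file")
    # Conventional layout only: the format does not require the section
    # header table to come last, so treat these two values as observations.
    areas["between"] = (areas["program_headers"][1], shoff)
    areas["trailing_bytes"] = len(image) - areas["section_headers"][1]
    return areas

def entry_in_exec_load(image: bytes) -> bool:
    """True if e_entry lies inside a PT_LOAD segment flagged executable."""
    header_areas(image)  # validates magic, class and table bounds first
    f = EHDR.unpack_from(image)
    entry, phoff, phentsize, phnum = f[4], f[5], f[9], f[10]
    for i in range(phnum):
        p_type, p_flags, _, p_vaddr, _, _, p_memsz, _ = PHDR.unpack_from(
            image, phoff + i * phentsize)
        if p_type == PT_LOAD and p_flags & PF_X and p_vaddr <= entry < p_vaddr + p_memsz:
            return True
    return False

def constructed_sample() -> bytes:
    """Constructed image: ELF header, one PT_LOAD, 8 code bytes, one null section header."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    ehdr = EHDR.pack(ident, 2, 62, 1, 0x400078, 64, 128, 0, 64, 56, 1, 64, 1, 0)
    phdr = PHDR.pack(PT_LOAD, 5, 0, 0x400000, 0x400000, 128, 128, 0x1000)
    return ehdr + phdr + b"\x90" * 8 + bytes(64)
```

On the constructed sample, the code bytes occupy offsets 120 to 128, between the program header table and the section header table, matching the layout the abstract describes.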
Cite this article as
B. Sarma, S. D., "Study and Analysis of ELF Vulnerabilities in Linux", International Journal of Innovative Research in Engineering & Management (IJIREM), Vol-1, Issue-3, Page No-5 - 9, 2014. Available from:
Corresponding Author
Biswajit Sarma
Assistant professor, Department of Computer Science and Engineering, Jorhat Engineering College,