Automotive cybersecurity

The final 2 automotive security vulnerabilities of 2015

on Dec 17, 15 • by Jeff Hildreth • with No Comments

Memory buffer problems and access control issues account for close to 40 percent of vulnerabilities this year. Find out how to spot and fix these problems in your software...

Home » Software Security » The final 2 automotive security vulnerabilities of 2015

This post is the final in our series of analyzing the top ten automotive cybersecurity vulnerabilities of 2015. Today we’ll cover access control and memory buffer problems.

#2 Access control (52:22)

Access control is any weakness related to the management of permissions, privileges, or other security features. This includes:

• Sandbox issues (chroot environments)
• Permission issues (Improper inheritance, permissive defaults, symbolic links subverting permissions, improper permission preservation, etc.)
• Improper ownership management
• Improper access control

Example of access control (52:51)

kerberos example: fail

In this particular example we have Kerberos, which is not properly tracking whether a client’s request has been validated. This is a common protocol to use for client and servers to authenticate each other, and can be a place where vulnerabilities live.

An error like Kerberos is an interesting vulnerability because it shows that even the best developers can make a coding mistake, and that it’s crucial to keep your systems up-to-date. If you want to have a prayer at keeping your code secure you need to be very diligent about staying current on all systems and software. Bugs can be found in even the most reliable of outdated software.

At 53 minutes and 35 seconds we examine Kerberos in a code example. In the code makes a number of error checks but doesn’t check for certain cases, such as a zero length request. So the result may come through as preauthorized when it shouldn’t be.

kerberos fix

Fix this issue (54:05)

In order to fix this issue you shouldn’t assume the default state is preauthorized. By not authorizing the code early, you’ll be able to catch any errors before claiming it as authorized. This issue is a very simple problem to have – but it is also very easy to fix.

In order to stay in charge of access control vulnerabilities, it’s important to keep architecture and design top of mind. It is always important to correct by construction, and to make sure that code is functioning optimally from the beginning. Also remember to use manual code analysis and carefully examine all access control granting and handoff for assumptions, defaults, and error paths.

Don’t forget to use other tools on your code – like static and dynamic analysis. Fuzz testing and context-dependent weakness analysis could save you from a major headache.

Before getting to the number one vulnerability, we address the importance of OTA. In order to quickly and efficiently keep software safe and secure, it’s important to rely on OTA so you can perform necessary fixes in a timely manner. We predict that OTA will eventually become a mandatory solution for many industries.

#1 Memory buffer problems (57:15)

The number one automotive cybersecurity vulnerability might not be that big of a surprise if you are a C or C++ programmer. Its memory buffer problems: when software can read or write to locations outside of the boundaries of the memory buffer. This includes:

• Not checking size of input on copy
• Bug allowing writing to arbitrary locations
• Out-of-bounds read
• Pointers outside expected range
• Untrusted pointer dereference
• Uninitialized pointers
• Expired pointer references
• Access of memory beyond buffer end

It may not be a surprise that this is the number one vulnerability, but what is surprising is that memory buffer problems are responsible for over a quarter of all vulnerabilities found in 2015.

GNU libc example: fail

Example of memory buffer problems (57:53)

For our example of memory buffer problems we explore GNU libc. This may come as a surprise, because even highly-tested, highly-utilized, highly-examined libraries can have security bugs. This goes to show that nobody is immune to mistakes or code issues.

This particular example is wscanf allocating too little memory in particular conditions. If we look at the code example at 58 minutes and 40 seconds we’ll see it’s really all about whether or not we’re accounting for wide characters.

GNU libc example: fix

See the fix (59:00)

The fix is basically just inserting a couple sizeof {CHAR_T} functions into the code. So instead of allocating for the number of bytes, we’re allocation for size of international characters.

Remediation for memory buffer problems means being diligent about your analysis: static, dynamic, and manual.

Automated static analysis is really good at finding memory buffer problems. Memory buffer problems are easily identified in most static analysis tools.

Conclusion

87 percent circle graph

The top ten automotive cybersecurity vulnerabilities account for 87.5 percent of all reported vulnerabilities in 2015. This means that staying aware and secure for the top ten vulnerabilities will put your code in a much better place. Of course, it’s always important to stay current on software vulnerabilities and patches – new issues are being found very regularly.

Learn more:

• Download a full white paper recapping the top 10 automotive security vulnerabilities.

Have questions on any of the vulnerabilities? Let me know in the comments section.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top