Detecting Kernel Vulnerabilities During the Development Phase

Testing is one of the major problems in Linux kernel development cycle. Security analysis and ensuring no new vulnerabilities has been introduced is one of the toughest issues of testing. Kernel developers attempt to find as many security issues as possible before merging with the mainline branch. Failure to detect vulnerabilities will result in vulnerable kernel shipped by distribution and vulnerable systems. The kernel developers can choose between several industrial and open source tools to assist in the development process and shorten the development cycle. (Though not as many as user space developers. Kernel tools are limited and rare compared to user space tools) Some of these tools a…