• Salva Peiró
  • Profile
  • Education
  • Publications
  • Projects
  • Archives



Profile

  • Resume: speiro-cv.pdf
  • Current: Software Developer, with seasoned Sysadmin/Security skills.
  • Contact:
  • Keywords: Virtualization, Programming, Networking, Linux, Kernel, Security, x86, SPARCv8, ARM

I work on embedded devices virtualization and security, my main roles are software development engineering, validation and research. I have background and experience on embedded OS development at UPV. Previously, I studied a grade in Computer Science at the UPV, followed by a master degree on Industrial Computing and Control Systems.

Education

  • 2016 - PhD in Computer Science at UPV.
  • 2010 - Master Degree in Computer Science, UPV.
  • 2006 - Bachelor in Computer Science, UPV.

Publications

  • An Analysis on the Impact and Detection of Kernel Stack Infoleaks (preprint)
    S. Peiró, M. Muñoz, and A. Crespo. CISIS14 Special Issue, Logic Journal of the IGPL, published by Oxford Journals.
  • Detecting Stack based kernel Information leaks [slides]
    S. Peiró, M. Muñoz, M. Masmano, and A. Crespo. Computational Intelligence in Security for Information Systems 2014 (CISIS14).
  • IO Virtualisation in a Partitioned System
    M. Masmano, S. Peiró, J. Sanchez, J. Simo, A. Crespo. Embedded Real Time Software and Systems 2012 (ERTS2012).
  • Partitioned Embedded Architecture based on Hypervisor: the XtratuM approach.
    A. Crespo, I. Ripoll, M. Masmano, S. Peiró. 8th European Dependable Computing Conference 2010 (EDCC2010).
  • Real Time control of 20 DoF humanoid robot
    M. Muñoz, J. F. Blanes, M. Albero, J. O. Coronel, J. Simó, A. Crespo, S. Peiró. IFAC Real-Time Programming Workshop 2009.
  • Inferno DS: Inferno port to the Nintendo DS
    S. Peiró, N. Evans, M. Lukkien. International Workshop on Plan 9, IWP9 2008.
  • PaRTiKle OS, a replacement for the core of RTLinux-GPL
    S. Peiró, M. Masmano, I. Ripoll, A. Crespo. 9th Real-Time Linux Workshop 2007.

Lateral Research Results

  • SPADV-2018-01: mini-httpd daemon robustness bug handling unsupported crypt(3) htpasswd hashes
  • CVE-2016-3178: MiniSSDPd (UPnP) improper validation of array index vulnerability
  • CVE-2015-7885: Linux kernel staging/dgnc: fix info leak in ioctl
  • CVE-2015-7884: Linux kernel media/vivid-osd: fix info leak in ioctl
  • Linux Kernel: PATCH iommu/omap: Fix debug_read_tlb() to use seq_printf()
  • QEMU emulator: QEMU megasas: Add write function to handle write access to PCI BAR 3
  • CVE-2014-1739: Linux kernel drivers/media: Fix infoleak in ioctl media_enum_entities()
  • CVE-2014-1446: Linux kernel hamradio/yam: fix info leak in ioctl
  • CVE-2014-1445: Linux kernel wanxl: fix info leak in ioctl
  • CVE-2014-1444: Linux kernel farsync: fix info leak in ioctl

Projects with active participation (most relevant)

  • 2016 - 2018 SafePower - Safe and secure mixed-criticality systems with low power requirements URL
  • 2013 - 2017 DREAMS - Distributed REal-time Architecture for Mixed Criticality Systems URL
  • 2011 - 2014 MultiPARTES: Multi-cores Partitioning for Trusted Embedded Systems URL
  • 2012 - 2013 VOS4ES: Open virtualization techniques using separation kernel for embedded systems URL
  • 2010 - 2012 OVERSEE: Open Vehicular Secure Platform URL
  • 2010 - 2012 System Impact of Distributed Multicore systems (EADS) URL
  • 2008 - 2010 TECOM: Trusted Embedded Computing URL

OSS Projects

  • Inferno DS: A port of the Inferno OS to the Nintendo DS - inferno-ds
  • Inferno Kirkwood: A port of the Inferno OS to the Kirkwood platform - inferno-kirkwood
  • plug-aprsd: Setup of a APRSD daemon - aprsd

  Categories

  • CVEs
  • Infoleaks
  • Learning
  • Techniques

  Activity

  • SPADV-2018-01
  • CVE-2016-3178
  • CVE-2015-7885
  • CVE-2015-7884
  • CVE-2014-1739
  • CVE-2014-1446
  • CVE-2014-1445

  Contact

  • Linkedin
  • ResearchGate
  • Atom feed