Exploiting Linux Kernel Heap Corruptions (SLUB Allocator)
Mar 22, 2014, 19:00 (0 Talkback[s])
(Other stories by Mohamed Ghannam)
Full Text Search: The Key to Better Natural Language Queries for NoSQL in Node.js
In recent years, several researchers have studied Linux kernel security. The most common kernel privilege vulnerabilities can be divided into several categories: NULL pointer dereference, kernel space stack overflow, kernel slab overflow, race conditions, etc.
Some of them are pretty easy to exploit and there is no need to prepare your own Linux kernel debugging environment to write the exploit. Some others requires special knowledge of Linux kernel design, routines, memory management, etc.
In this tutorial we will explain how the SLUB allocator works and how we can make our user-land code to be executed when we can corrupt some metadata from a slab allocator.
- Interesting kernel exploit posted(Dec 08, 2010)
- Protect Linux Against Overflow Exploits(Aug 05, 2010)
- The Exploit That Didn't Happen(Dec 16, 2011)
- Linux GNOME exploit(Sep 28, 1999)
- Critical Linux Exploit in the Wild(May 18, 2013)
- nginx: How To Block Exploits, SQL Injections, File Injections, Spam, User Agents, Etc.(Aug 08, 2012)
- What a successful exploit of a Linux server looks like(Dec 18, 2013)