Techniques SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks with in the Linux Kernel

[weaver]

Description

SLUBStick is a kernel exploitation technique that elevates a heap vulnerability to an arbitrary memory read/write primitive and works in several steps: Initially, it exploits a timing side channel of the allocator to reliably perform a cross-cache attack with better than 99% success rate on commonly used generic caches. SLUBStick then exploits code patterns prevalent in the Linux kernel to perform a cross-cache attack and turn a heap vulnerability into a page table manipulation, thereby granting the capability to read and write memory arbitrarily.

SLUBStick - кросс-кеш техника эксплуатации ядра, которая преобразует ограниченную уязвимость кучи до примитива чтения/записи произвольной памяти.

статья

https://stefangast.eu/papers/slubstick.pdf

репозиторий

GitHub - IAIK/SLUBStick

Contribute to IAIK/SLUBStick development by creating an account on GitHub.

github.com