Пожалуйста, обратите внимание, что пользователь заблокирован
Every Linux kernel exploit that targets a slab memory corruption bug has to shape slab memory in a certain way to control which memory gets corrupted. For example, make the kernel put a specific slab object next to a buffer that can be overflown. Or replace a freed object with another one to overwrite it later via a use-after-free reference. Implementing different slab-shaping strategies requires a deep understanding of the SLUB allocator. This talk will cover the core SLUB allocator internals and explain how and why common slab memory shaping strategies work in Linux kernel exploits.
