On Sun, Mar 23, 2014 at 7:36 PM, Kyle Bassett <kylebassett@gmail.com> wrote:
Thanks Mark! Great read!
I love real-world examples included with any type of lesson.
On Sunday, March 23, 2014, Mark Lee <mark@markelee.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Salutations,
I recently read an interesting article on a Slob allocator vulnerability in the Linux kernel. It was an interesting read so I am reposting it for you all.
< http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptio...
Regards, Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux)
iF4EAREIAAYFAlMvJC4ACgkQZ/Z80n6+J/a1IQD+OaIhObNMWJkLXxv5zjb47802 nmEoMdpmFzXcFLxdaS8A/2gTP9l0l+wGVPs9nko6/wF3hAMnF0qKNlFyL8yXZpon =+tvh -----END PGP SIGNATURE-----
I think it's about SLUB, not SLOB vulnerability. The last line says "So it is easy to spot that there is a heap SLUB overflow if a user writes data greater in size than 256 bytes."