[arch-general] SLOB Allocator Vulernability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Salutations, I recently read an interesting article on a Slob allocator vulnerability in the Linux kernel. It was an interesting read so I am reposting it for you all. <http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptions-slub-allocator/> Regards, Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlMvJC4ACgkQZ/Z80n6+J/a1IQD+OaIhObNMWJkLXxv5zjb47802 nmEoMdpmFzXcFLxdaS8A/2gTP9l0l+wGVPs9nko6/wF3hAMnF0qKNlFyL8yXZpon =+tvh -----END PGP SIGNATURE-----
Thanks Mark! Great read! I love real-world examples included with any type of lesson. On Sunday, March 23, 2014, Mark Lee <mark@markelee.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Salutations,
I recently read an interesting article on a Slob allocator vulnerability in the Linux kernel. It was an interesting read so I am reposting it for you all.
< http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptio...
Regards, Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux)
iF4EAREIAAYFAlMvJC4ACgkQZ/Z80n6+J/a1IQD+OaIhObNMWJkLXxv5zjb47802 nmEoMdpmFzXcFLxdaS8A/2gTP9l0l+wGVPs9nko6/wF3hAMnF0qKNlFyL8yXZpon =+tvh -----END PGP SIGNATURE-----
On Sun, Mar 23, 2014 at 7:36 PM, Kyle Bassett <kylebassett@gmail.com> wrote:
Thanks Mark! Great read!
I love real-world examples included with any type of lesson.
On Sunday, March 23, 2014, Mark Lee <mark@markelee.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Salutations,
I recently read an interesting article on a Slob allocator vulnerability in the Linux kernel. It was an interesting read so I am reposting it for you all.
< http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptio...
Regards, Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux)
iF4EAREIAAYFAlMvJC4ACgkQZ/Z80n6+J/a1IQD+OaIhObNMWJkLXxv5zjb47802 nmEoMdpmFzXcFLxdaS8A/2gTP9l0l+wGVPs9nko6/wF3hAMnF0qKNlFyL8yXZpon =+tvh -----END PGP SIGNATURE-----
I think it's about SLUB, not SLOB vulnerability. The last line says "So it is easy to spot that there is a heap SLUB overflow if a user writes data greater in size than 256 bytes."
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03/23/2014 02:58 PM, Karol Blazewicz wrote:
On Sun, Mar 23, 2014 at 7:36 PM, Kyle Bassett <kylebassett@gmail.com> wrote:
Thanks Mark! Great read!
I love real-world examples included with any type of lesson.
On Sunday, March 23, 2014, Mark Lee <mark@markelee.com> wrote:
Salutations,
I recently read an interesting article on a Slob allocator vulnerability in the Linux kernel. It was an interesting read so I am reposting it for you all.
< http://resources.infosecinstitute.com/exploiting-linux-kernel-heap-corruptio...
Regards, Mark
I think it's about SLUB, not SLOB vulnerability. The last line says "So it is easy to spot that there is a heap SLUB overflow if a user writes data greater in size than 256 bytes."
Salutations, That's right; a typo on my part. Thanks! Regards, Mark -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlMvMe8ACgkQZ/Z80n6+J/YefgD7BNiSZ1ElzeXFrjeadGFAB+QR 2gwn5U2xFhgKcsUsdHgA/jTFVJECVzLaWO/Vjg5OrnfjhF/eRzwPym5qwJ0XFYTk =v5KU -----END PGP SIGNATURE-----
participants (3)
-
Karol Blazewicz
-
Kyle Bassett
-
Mark Lee