SLUBStick is a kernel exploit technique that elevates a heap vulnerability to an arbitrary memory read/write primitive. It works in several steps: first, it exploits a timing side channel of the allocator to reliably perform a cross-cache attack on commonly used generic caches, then it exploits code patterns common in the Linux kernel to perform a cross-cache attack, and finally, it turns a heap vulnerability into a page table manipulation, granting the ability to read and write memory arbitrarily.
See our SVG Advisory if you would like additional information on this topic.