|
SLUBStick
|
|
SLUBStick is a Linux kernel exploit technique. It can allow an attacker to elevate a limited heap vulnerability to an arbitrary memory read/write access. This can be leveraged for privilege escalation and container escapes, even with modern defences enabled. Discovery SLUBStick was discovered by Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard, Graz University of Technology, and first presented at USENIX 2024 symposium. Vulnerable platforms The technique is demonstrated on Linux kernel versions 5.19 and 6.2 on the x86_64 and x86 platform, but is assumed to be possible in all Linux versions on those platforms. Also Linux kernels running on virtual machines on those platforms are considered vulnerable. Further reading * SLUBStick demonstration code * Anatomy of the SLUBStick technique * SLUBStick explained |
| < Prev | Next > |
|---|
Main Menu
| Home |
| Articles |
| Search |
| Submit Article |
| Contact Us |
| Donate to Wikibin |
