Linux Heap Overlapping Chunks Exploitation

In this paper, I introduce the reader to a heap metadata corruption against the current Linux Heap Allocator, ptmalloc. An attacker that can overflow from one chunk into the next allocated chunk can force ptmalloc to return overlapping allocations. Given the appropriate application logic, this can lead to exploitation.

This attack is known and is documented in various outlets.

Linux Heap Overlapping Chunks Exploitation.PDF

Popular posts from this blog

Empowering Women in Cybersecurity: InfoSect's 2024 Training Initiative

C++ Memory Corruption (std::string) - part 4

Pointer Compression in V8