In this paper, I introduce the reader to a heap metadata corruption attack against a recent
version of the Linux heap allocator from before the introduction of the tcache. Normally,
calloc allocates memory and zeroes it before returning a pointer to
it. An attacker who can overflow from one chunk into a free chunk can force calloc
to return uninitialised data. This information leak could be utilised to defeat
ASLR or expose sensitive information.
Linux Heap Calloc Exploitation.PDF
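
A defensive counterpart to the leak described above, as an added example that is not code from the paper: a calloc wrapper that verifies the zero-fill post-condition, and a free wrapper that wipes secrets before release. The names `checked_calloc`, `scrub_free` and `stale_calloc` are hypothetical, and `stale_calloc` is a constructed stand-in for an allocator whose zeroing was bypassed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

typedef void *(*calloc_fn)(size_t, size_t);

/* Zero n bytes via a volatile pointer so the stores are not optimised away. */
static void scrub(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Return 1 if every byte of p[0..n) is zero. */
static int all_zero(const void *p, size_t n) {
    const unsigned char *b = p;
    unsigned char acc = 0;
    for (size_t i = 0; i < n; i++) acc |= b[i];
    return acc == 0;
}

/* Allocate through `backend` and enforce calloc's post-condition. Returns NULL
   and sets *tainted if the block is not all zero. Assumption: a production
   build would abort() here instead, because a non-zero calloc result means
   the heap metadata can no longer be trusted. */
void *checked_calloc(calloc_fn backend, size_t nmemb, size_t size, int *tainted) {
    *tainted = 0;
    if (size != 0 && nmemb > SIZE_MAX / size) return NULL; /* size overflow */
    void *p = backend(nmemb, size);
    if (p && !all_zero(p, nmemb * size)) {
        *tainted = 1;
        scrub(p, nmemb * size); /* never hand stale bytes to the caller */
        free(p);
        return NULL;
    }
    return p;
}

/* Free a buffer that held secrets: wipe it first, so a later allocation that
   skips zeroing has no application data to disclose. */
void scrub_free(void *p, size_t n) {
    if (p) { scrub(p, n); free(p); }
}

/* Constructed stand-in for a calloc whose zeroing was bypassed. */
void *stale_calloc(size_t nmemb, size_t size) {
    unsigned char *p = malloc(nmemb * size);
    if (p) memset(p, 0x41, nmemb * size);
    return p;
}
```

Wiping on free only removes application data; allocator pointers written into a freed chunk remain, which is why the zero-fill check on the allocation side is still needed.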