Linux Heap House of Force Exploitation

In this paper, I introduce the reader to a heap metadata corruption against a recent version of the Linux Heap allocator in glibc 2.27. The House of Force attack is a known technique that requires a buffer overflow to overwrite the top chunk size. An attacker must then be able to malloc an arbitrary size of memory. The result is that it is possible to make a later malloc return an arbitrary pointer. With appropriate application logic, this attack can be used in exploitation. This attack has been mitigated in the latest glibc 2.29 but is still exploitable in glibc 2.27 as seen in Ubuntu 18.04 LTS.

Linux Heap House of Force Exploitation.PDF


  1. Autospin88 dan ElangGame - Situs game slot online terbesar, tercepat, terlengkap dan terfavorit.

    Ada banyak promosi yang sangat menarik dan merchandise keren yang hanya ada di Autospin88 dan ElangGame.

    Autospin88 pasti Autowin..
    ElangGame Slot Gacor

    Klik langsung di sini ya guys DAFTAR AUTOSPIN88



Post a Comment

Popular posts from this blog

C++ Memory Corruption (std::vector) - part 2

Pointer Compression in V8

Linux Kernel Stack Smashing