Tuesday, 17 September 2019
Linux Heap glibc TCache Double Free Mitigation Bypass
In this paper, I introduce the reader to a heap metadata corruption against the latest Linux Heap Allocator, ptmalloc. This attack performs a double free in the presence of the tcache double free mitigation. It does this by corrupting the freed chunk before the 2nd free is called. This allows a cycle to be created in the tcache and can give primitives such as making malloc returning the same memory more than once, or making malloc return an arbitrary pointer.
Linux Heap glibc TCache Double Free Mitigation Bypass.PDF
Exploiting the Lorex 2K Indoor Wifi at Pwn2Own Ireland
Introduction In October InfoSect participated in Pwn2Own Ireland 2024 and successfully exploited the Sonos Era 300 smart speaker and Lor...
-
InfoSect has always been committed to fostering diversity and inclusion within the cybersecurity industry, with a special focus on encourag...
-
Summary This is the next part of the C++ memory corruption series*. In this post, we'll look at corrupting the std:string object in L...
-
Syed Faraz Abrar @farazsth98 Summary In this blog post, I will provide some details on how the Chromium developers implemente...
