Explore >> Select a destination

You are here

 a13xp0p0v.github.io
Linux kernel heap quarantine versus use-after-free exploits | Alexander Popov
| | www.willsroot.io
Will's Root: pbctf 2021 Nightclub Writeup: More Fun with Linux Kernel Heap Notes!
2.7 parsecs away

Travel
| | Vulnerability Research on Low-Level Systems
| | duasynt.com
Linux kernel heap feng shui in 2022 - Michael S, Vitaly Nikolenko
2.1 parsecs away

Travel
| | Linux kernel heap feng shui in 2022
| | a13xp0p0v.tech
Four Bytes of Power: Exploiting CVE-2021-26708 in the Linux kernel | Alexander Popov
2.6 parsecs away

Travel
| | CVE-2021-26708 is assigned to five race condition bugs in the virtual socket implementation of the Linux kernel. I discovered and fixed them in January 2021. In this article I describe how to exploit them for local privilege escalation on Fedora 33 Server for x86_64, bypassing SMEP and SMAP.
| | github.blog
Corrupting memory without memory corruption - The GitHub Blog
16.1 parsecs away

Travel
| In this post Ill exploit CVE-2022-20186, a vulnerability in the Arm Mali GPU kernel driver and use it to gain arbitrary kernel memory access from an untrusted app on a Pixel 6. This then allows me to gain root and disable SELinux. This vulnerability highlights the strong primitives that an attacker may gain by exploiting errors in the memory management code of GPU drivers.