[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-hardening
Subject:    Re: Linux: Use-After-Free exploitation
From:       Kees Cook <keescook () chromium ! org>
Date:       2022-06-22 23:06:18
Message-ID: 202206221605.EA67203C58 () keescook
[Download RAW message or body]

On Wed, Jun 22, 2022 at 11:38:39AM +0530, Muni Sekhar wrote:
> Use-After-Free bugs result in kernel crashes. If these bugs result in
> kernel crashes then how is it possible to exploit this vulnerability
> for local privilege escalation?

There are many examples of manipulating memory layout in a way that an
attacker can control. For example, see:
https://googleprojectzero.blogspot.com/2021/10/how-simple-linux-kernel-memory.html

-- 
Kees Cook
[prev in list] [next in list] [prev in thread] [next in thread]