In anticipation of Dan Rosenberg’s talk on exploiting the Linux kernel’s SLOB memory allocator at the Infiltrate security conference and because I recently had a discussion with some friends about the different kernel memory allocators in Linux, I decided to write this quick introduction. I will present some of the allocators’ characteristics and also provide references to public work on exploitation techniques.
- GDCM out of bounds read in JPEGLSCodec :: DecodeExtent
- GDCM buffer overflow in ImageRegionReader :: ReadIntoBuffer
- Oracle WebCenter information exposure vulnerability
- libpurple OTR information leakage
- Netvolution referer header SQL injection vulnerability
- FreeBSD kernel NFS client local vulnerabilities