eBPF Adventures: Fiddling with the Linux Kernel and Unix Domain Sockets

tl;dr eBPF (extended Berkeley Packet Filter) is slowly taking over as a programmatic way for (generally privileged) users to invoke Linux kernel APIs and performantly execute semi-arbitrary code without having to load it from a custom kernel module. eBPF is a general means to load memory safe restricted code that reduces the risk of crashes, … Continue reading eBPF Adventures: Fiddling with the Linux Kernel and Unix Domain Sockets

Whitepaper – A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator

by Dan Rosenberg In this paper, we will systematically evaluate the implementation of the Linux kernel SLOB allocator to assess exploitability. We will present new techniques for attacking the SLOB allocator, whose exploitation has not been publicly described. These techniques will apply to exploitation scenarios that become progressively more constrained, starting with an arbitrary length, … Continue reading Whitepaper – A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator