• Corpus ID: 64312333

A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator

  title={A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator},
  author={D. Rosenberg},
In this paper, we will systematically evaluate the implementation of the Linux kernel SLOB allocator to assess exploitability. We will present new techniques for attacking the SLOB allocator, whose exploitation has not been publicly described. These techniques will apply to exploitation scenarios that become progressively more constrained, starting with an arbitrarylength, arbitrary-contents heap overow and concluding with an o-by-one NULL byte overow. 
XNU: a security evaluation
It is stated that the XNU kernel has many protection mechanisms in place, but that they could be improved to better protect against exploitation, and that the current design ofXNU, which consists of two separate compo- nents that heavily interact, is error prone and would bene�t from refactoring.


A Guide to Kernel Exploitation
  • Attacking the Core. Syngress,
  • 2010
A Guide to Kernel Exploitation: Attacking the Core
  • 2010
Linux Kernel Heap Tampering Detection