December 22nd 2022: it's Christmas Thursday, one of the last workdays before the Christmas vacation starts. Whilst everyone was looking forward to opening presents from friends and family, the Zero Day Initiative decided to give the IT community a present as well: immense stress in the form of
Read AllFollowing the adventure of manually discovering network-based vulnerabilities in the Linux kernel, I'm adding ksmbd-fuzzing functionality to the already extensive kernel-fuzzing tool that is Syzkaller.
Read AllA tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets once.
Read AllIn this part we'll use our case study to explore how the Linux kernel maps private anonymous memory.
Read AllIn this series we'll explore the Linux kernel's memory management subsystem, using a simple userspace program as our starting point.
Read AllThis time we're going to build on that and introduce another memory allocator found within the Linux kernel, the slab allocator, and it's various flavours. So buckle up as we dive into the exciting world of SLABs, SLUBs and SLOBs.
Read AllI know you've all been waiting for it, that's right, we're going to be taking a dive into another exciting aspect of Linux internals: memory allocators!
Read AllIn this part of our journey into virtual memory in Linux, we cover the mystical kernel memory map and all it entails.
Read AllWe continue our journey to understand virtual memory in Linux, as we take a closer look at the user virtual address space.
Read AllRecently I discovered a vulnerability in the Linux kernel that's been lurking there since 4.8 (July 2016)! CVE-2022-0435 is a remotely and locally exploitable stack overflow in the TIPC networking module of the Linux kernel
Read AllAlright, let's get stuck into some Linternals! As the title suggests, this post will be exploring the ins and outs of virtual memory with regards to modern Linux systems.
Read AllFollow me on my journey moving my virtualisation workflow as a Linux security researcher from Linux x86_64 to MacOS aarch64.
Read AllWelcome to the second part of my totally-wasn't-meant-to-be-a-one-part Linux internals post on the modern boot process!
Read AllWhat more appropriate way to kick off a series on Linux internals than figuring out how we actually get those internals running in the first place? This post is going to cover the process that takes us from pressing a power button, to a fully usable Linux operating system.
Read AllThis post explores attacking page tables as a Linux kernel exploitation technique for gaining powerful read/write primitives.
Read All
