{"title":"Parallelly Refill SLUB Objects Freed in Slow Paths: An Approach to Exploit the Use-After-Free Vulnerabilities in Linux Kernel","authors":"Liu Song, Qin Xiao-Jun","doi":"10.1109/PDCAT.2016.088","DOIUrl":null,"url":null,"abstract":"Recently since exploiting vulnerabilities in user application is becoming very difficult, vulnerabilities in Linux kernel have been paid more and more attention, especially the use-after-free vulnerabilities gained the most focus. However, there lacks a completion theory to exploit use-after-free vulnerabilities. The key to exploit UAF vulnerability is how to refill the freed object, because those days that the space just freed will be occupied firstly is gone. We propose a strategy to exploit the use-after-free vulnerabilities by continuously allocating objects. And to promote the efficiency and success rate, we present a technique by parallelly refilling objects with multiple threads and monitor. We also make a simulation experiment to verify the effectiveness of our theory. At last we give some mitigations to this attack.","PeriodicalId":203925,"journal":{"name":"2016 17th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 17th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PDCAT.2016.088","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Recently since exploiting vulnerabilities in user application is becoming very difficult, vulnerabilities in Linux kernel have been paid more and more attention, especially the use-after-free vulnerabilities gained the most focus. However, there lacks a completion theory to exploit use-after-free vulnerabilities. The key to exploit UAF vulnerability is how to refill the freed object, because those days that the space just freed will be occupied firstly is gone. We propose a strategy to exploit the use-after-free vulnerabilities by continuously allocating objects. And to promote the efficiency and success rate, we present a technique by parallelly refilling objects with multiple threads and monitor. We also make a simulation experiment to verify the effectiveness of our theory. At last we give some mitigations to this attack.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
