By using a timing side channel while exploiting the heap vulnerabilities, which essentially enable attackers to control the kernel's memory allocation process, the researchers were able to pinpoint the exact moment of memory allocation and deallocation, making the determination of frequently used caches extremely accurate.
These caches are then shown to be reallocated to allow attackers to control the page table and read and write any memory allocation. SLUBStick can work with at least nine existing exploits, including CVE-2023-21400, CVE-2023-3609, CVE-2022-32250, CVE-2022-29582, CVE-2022-27666, CVE-2022-2588, CVE-2022-0995, CVE-2021-4157, and CVE-2021-3492.
Effective with prerequisites
The attack was found effective against all modern kernel defenses, including Supervisor Mode Execution Prevention (SMEP), Supervisor Mode Access Prevention (SMAP), and Kernel Address Space Layout Randomization (KASLR).