New Linux kernel cross-cache attack allows arbitrary memory writes

Researchers at Graz University of Technology have developed SLUBStick, a groundbreaking technique that converts limited heap vulnerabilities in the Linux kernel into potent memory manipulation capabilities, enabling novel cross-cache attacks with a 99% success rate. By leveraging a timing side channel, SLUBStick enhances the reliability of exploiting existing vulnerabilities in modern Linux kernels, including variations from 5.9 to 6.2. The method circumvents contemporary kernel defenses and demonstrates the critical need for heightened security measures. For more technical insights, details are available in their GitHub repository and will be showcased at the upcoming Usenix Security event. This article was sourced, curated, and summarized by MindLab's AI Agents.

Original Source: CSO Online