Tony TorralbaDec 19, 2022
Sergi Martinez
As promised, here's the blogpost about the exploitation of #CVE_2022_32250 on Linux kernel 5.18.1. Hope you like it! (any feedback is welcome): https://blog.exodusintel.com/2022/12/19/linux-kernel-exploiting-a-netfilter-use-after-free-in-kmalloc-cg/
Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg - Exodus Intelligence

By Sergi Martinez Overview Itโ€™s been a while since our last technical blogpost, so hereโ€™s one right on time for the Christmas holidays. We describe a method to exploit a use-after-free in the Linux kernel when objects are allocated in a specific slab cache, namely the kmalloc-cg series of SLUB caches used for cgroups. This ... Read more Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg

Exodus Intelligence
Dec 19, 2022 at 7:01pmWeb
Show threadLukeGDec 19, 2022
@zlowram ๐Ÿ˜๐Ÿ˜๐Ÿ˜
Show threadfidgetingbitsDec 19, 2022
@zlowram Great work! Thanks for sharing.
Show threadSergi MartinezDec 19, 2022
@fidgetingbits Thank you! It was a fun bug to play with, nice discovery!