Thomas KingDec 23, 2022
Jann Horn
Seth Jenkins (@jenkins) wrote a blog post on a new kernel exploitation technique for exploiting a temporary-increment-at-controlled-address bug without an infoleak: https://googleprojectzero.blogspot.com/2022/12/exploiting-CVE-2022-42703-bringing-back-the-stack-attack.html
Exploiting CVE-2022-42703 - Bringing back the stack attack

Seth Jenkins, Project Zero This blog post details an exploit for CVE-2022-42703 (P0 issue 2351 - Fixed 5 September 2022), a bug Jann Horn ...

Dec 8, 2022 at 7:18pmWeb
Show threadMimirDec 8, 2022
@jann this is an extremely cool technique!
Show threadCurt WilsonDec 9, 2022
@jann excellent work.