Don Williamson

I love games, I truly do. Games be like:

CVE! Oh noes! "What is it?" Oh, the game has a "-hackmyshit" CLI argument that you can use! "Who'd have thought!?" Yeah, I know, right?

Meanwhile, in the real engineering world: https://blog.quarkslab.com/nvidia_gpu_kernel_vmalloc_exploit.html

Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers - Quarkslab's blog

This article details two bugs discovered in the NVIDIA Linux Open GPU Kernel Modules and demonstrates how they can be exploited. The bugs can be triggered by an attacker controlling a local unprivileged process. Their security implications were confirmed via a proof of concept that achieves kernel read and write primitives.

Oct 16 at 9:30amWeb
Show threadJosh SimmonsOct 16
@Donzanoid yeah there's absolutely no way you can't pwn the shit out of most gpu drivers. and it's going to be even worse for the linux driver stack. until recently amdgpu (the amd kernel driver) didn't even clear memory pages it gave you from other applications lmao