📜 Post with us on Reddit
📝 Create a new article
🏭 Create a company page
🇬🇧 - in English
🇫🇷 - en Français (FR)
🇵🇹 - em Português (PT)
🇩🇪 - auf Deutsch (DE)
🇯🇵 - 日本語で (JA)
Sponsored articles

You can edit almost every page by Creating an account and confirming your email.

SLUBStick

From EverybodyWiki Bios & Wiki

SLUBStick is a Linux kernel exploit technique. It can allow an attacker to elevate a limited heap vulnerability to an arbitrary memory read/write access. This can be leveraged for privilege escalation and container escapes, even with modern defences enabled.[1]

Discovery

SLUBStick was discovered by Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard, Graz University of Technology, and first presented at USENIX 2024 symposium.[2]

Vulnerable platforms

The technique is demonstrated on Linux kernel versions 5.19 and 6.2 on the x86_64 and x86 platform, but is assumed to be possible in all Linux versions on those platforms. Also Linux kernels running on virtual machines on those platforms are considered vulnerable.[citation needed]

Further reading

References

  1. Bill Toulas (3 August 2024). "Linux kernel impacted by new SLUBStick cross-cache attack". Bleepingcomputer.
  2. Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard (16 August 2024). "SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel". USENIX.CS1 maint: Multiple names: authors list (link)


This article "SLUBStick" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:SLUBStick. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.


Retrieved from "https://en.everybodywiki.com/index.php?title=SLUBStick&oldid=4594155"
License CC BY-SA 3.0
Powered by MediaWiki