race condition
keywords kernel exploit / msg_msg / msg_seg / userfault_fd / cred walk / kmalloc-4k / shm_file_data / load_msg 1: TL;DR 2: イントロ 3: static lysithea module overview 4: vulnerability 5: FGKASLR 6: kernel .data leak rough plan to leak data…
keywords kernel exploit / race w/o uffd / shellcode 1: イントロ 2: overview / analysis static module overview 3: vulns 4: race 5: LPE 6: exploit 7: アウトロ 8: 参考 1: イントロ 最近はどうも気分が沈みがちで、そんな楽しくない日々を送っており…
keywords kernel exploit / race without uffd / SLOB / seq_operations / tty_struct / bypass SMAP via kROP on kheap 1: イントロ 2: static basic module 3: Vuln kUAF / double fetch invalid show size 4: leak kernbase race via userfaultfd (FAIL) …
![Hatena Bookmark - 【pwn 51.0】nutty - Union CTF 2021 [maybe not intended sol] (kernel exploit)](https://b.hatena.ne.jp/entry/image/https://smallkirby.hatenablog.com/entry/2021/02/22/053507)
keywords kernel exploit / FGKASLR / slab / race condition / modprobe_path / shm_file_data / kUAF / shmem_vm_ops 1: イントロ 2: static basic Module 3: FGKASLR 4: Vuln: race to kUAF 5: leak and bypass FGKASLR via shm_file_data なんでseq_oper…
