SLUBStick
SLUBStick is a Linux kernel exploit technique. It can allow an attacker to elevate a limited heap vulnerability to an arbitrary memory read/write access. This can be leveraged for privilege escalation and container escapes, even with modern defences enabled.[1][2]
Discovery
SLUBStick was discovered by Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard, Graz University of Technology, and first presented at USENIX 2024 symposium.[3][4]
Vulnerable platforms
The technique is demonstrated on Linux kernel versions 5.19 and 6.2 on the x86_64 and x86 platform, but is assumed to be possible in all Linux versions on those platforms. Also Linux kernels running on virtual machines on those platforms are considered vulnerable.[citation needed]
Further reading
References
- ^ Bill Toulas (3 August 2024). "Linux kernel impacted by new SLUBStick cross-cache attack". Bleepingcomputer.
- ^ "Security vulnerability: Linux kernel memory corruption vulnerabilities exploitable through the SLUBStick technique". suse.com. 2024-08-14.
- ^ Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard (16 August 2024). "SLUBStick: Arbitrary Memory Writes through Practical Software Cross-Cache Attacks within the Linux Kernel". USENIX.
{{cite web}}: CS1 maint: multiple names: authors list (link) - ^ Eduard Kovacs (August 5, 2024). "New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous". securityweek.com.