By using the time side channel while exploiting the heap vulnerability, which allows attackers to exploit the kernel’s memory allocation process, researchers were able to pinpoint the exact moment of memory allocation and allocation, making the determination of frequently used caches extremely accurate. .
These caches are then shown to be reallocated to allow attackers to manipulate the page table and read and write any memory allocations. SLUBStick can work with at least nine existing exploits, including CVE-2023-21400, CVE-2023-3609, CVE-2022-32250, CVE-2022-29582, CVE-2022-27666, CVE-2022, CVE-2582- 2582 -0995, CVE-2021-4157, and CVE-2021-3492.
Works with pre-requisites
The attack was found to be effective against all modern kernel defenses, including Supervisor Mode Execution Prevention (SMEP), Supervisor Mode Access Prevention (SMAP), and Kernel Address Space Layout Randomization (KASLR).
Source link