I've been enjoying exploring glibc and heap internals over the past few days thanks to the sudo vulnerability. It's rare to get null writes and the capability to smash the entire heap space with a single vulnerability. All the public exploits so far just corrupt the heap structs and don't misuse the allocator via unlink or free(), etc. I noticed that the overflow on libmuslc, which is used by Alpine Linux, leads to an arbitrary write. Writing some heap exploration tools for experiments, this is great fun!
