I've been enjoying exploring glibc and heap internals over the past few days thanks to the sudo vulnerability. It's rare for null writes and capability to smash entire heap space with a single vulnerability. All the public exploits so far just corrupt the heap structs and don't misuse the allocator via unlink or free() etc. I noticed that the overflow on libmuslc leads to an arbitrary write which is used by Alpine Linux. Writing some heap exploration tools for experiments, this is great fun!
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!