Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

He jests at scars who never felt a wound. -- Shakespeare, "Romeo and Juliet, II. 2"

comp / comp.os.linux.advocacy / FYI: Linux kernel impacted by new SLUBStick cross-cache attack

SubjectAuthor
o FYI: Linux kernel impacted by new SLUBStick cross-cache attackCrudeSausage

1
Subject: FYI: Linux kernel impacted by new SLUBStick cross-cache attack
From: CrudeSausage
Newsgroups: comp.os.linux.advocacy, comp.os.linux.misc
Organization: usenet-news.net
Date: Sun, 4 Aug 2024 12:23 UTC
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!fx38.iad.POSTED!not-for-mail
MIME-Version: 1.0
User-Agent: Betterbird (Windows)
Newsgroups: comp.os.linux.advocacy,comp.os.linux.misc
Content-Language: en-US
From: crude@sausa.ge (CrudeSausage)
Subject: FYI: Linux kernel impacted by new SLUBStick cross-cache attack
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 24
Message-ID: <opKrO.11825$yI05.9066@fx38.iad>
X-Complaints-To: abuse@usenet-news.net
NNTP-Posting-Date: Sun, 04 Aug 2024 12:23:48 UTC
Organization: usenet-news.net
Date: Sun, 4 Aug 2024 08:23:47 -0400
X-Received-Bytes: 1567
View all headers

<https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/>

A novel Linux Kernel cross-cache attack named SLUBStick has a 99%
success in converting a limited heap vulnerability into an arbitrary
memory read-and-write capability, letting the researchers elevate
privileges or escape containers.

The discovery comes from a team of researchers from the Graz University
of Technology who demonstrated the attack on Linux kernel versions 5.9
and 6.2 (latest) using nine existing CVEs in both 32-bit and 64-bit
systems, indicating high versatility.

Additionally, the attack worked with all modern kernel defenses like
Supervisor Mode Execution Prevention (SMEP), Supervisor Mode Access
Prevention (SMAP), and Kernel Address Space Layout Randomization (KASLR)
active.

(...)

--
CrudeSausage
Catholic, paleoconservative, Christ is king
Progressives are brain-damaged demonic groomers

1

rocksolid light 0.9.8
clearnet tor