Name: SLUB Internals for Exploit Developers - Andrey Konovalov, xairy.io
Start: 2024-09-16T14:50:00+0200
End: 2024-09-16T15:35:00+0200

September 16-17, 2024 | Vienna, Austria
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Linux Security Summit Europe 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Central European Summer Time (UTC+2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

Monday September 16, 2024 14:50 - 15:35 CEST

Hall L3

Every Linux kernel exploit that targets a slab memory corruption bug has to shape slab memory in a certain way to control which memory gets corrupted. For example, make the kernel put a specific slab object next to a buffer that can be overflown. Or replace a freed object with another one to overwrite it later via a use-after-free reference. Implementing different slab-shaping strategies requires a deep understanding of the SLUB allocator. This talk will cover the core SLUB allocator internals and explain how and why common slab memory shaping strategies work in Linux kernel exploits.

Speakers

Andrey Konovalov

Security Engineer, xairy.io

Andrey Konovalov is a security engineer focusing on the Linux kernel. Andrey found multiple zero-day bugs in the Linux kernel and published proof-of-concept exploits for these bugs to demonstrate the impact. Andrey contributed to several security-related Linux kernel subsystems and... Read More →

Monday September 16, 2024 14:50 - 15:35 CEST
Hall L3

Refereed Presentations

Linux Security Summit Europe 2024

Andrey Konovalov

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!