tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: jit code and securelevel

To: Christos Zoulas <christos%zoulas.com@localhost>
Subject: Re: jit code and securelevel
From: Alexander Nasonov <alnsn%yandex.ru@localhost>
Date: Thu, 1 Jan 2015 18:21:20 +0000

Christos Zoulas wrote:
> Well, it is using jit to load exploit code to the kernel, but how will
> he jump to it? In the description he is using a module that lets you jump
> to any location. If you have that, you can do whatever you want anyway...

They might spot use-after-free bug and reuse freed memory for bpf_d
object which has a pointer to jit code.

Alex

Follow-Ups:
- Re: jit code and securelevel
  - From: Christos Zoulas

References:
- Re: jit code and securelevel
  - From: Alexander Nasonov
- Re: jit code and securelevel
  - From: Christos Zoulas

Prev by Date: Re: jit code and securelevel
Next by Date: Re: jit code and securelevel
Previous by Thread: Re: jit code and securelevel
Next by Thread: Re: jit code and securelevel
Indexes:

Home | Main Index | Thread Index | Old Index