Latest Posts
-
CVE-2023-5178: exploiting Linux kernel NVMe-oF-TCP driver on Ubuntu 23.10
The NVMe-oF-TCP driver had a vulnerability found by Alon Zahavi. It leads to a racy double-free in kmalloc-96, which can be exploited to gain LPE. The bug is a logic error in the handling of a corrupted Initialize Connection Request. Let’s exploit it.
-
Kcipher CoRCTF-2023: cross-slab heap traversal for cred structure
We are going to discuss the ‘kcipher’ problem from the recent corCTF-2023. As its name suggests, it was a kernel pwning challenge. The bug was classic. The funniest part was the exploitation. Many different solutions exist, and different people came up with different bypasses for the pitfalls.