
Whitepaper – A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator

22 January 2012

By Jennifer Fernick

by Dan Rosenberg

In this paper, we will systematically evaluate the implementation of the Linux kernel SLOB allocator to assess exploitability. We will present new techniques for attacking the SLOB allocator, whose exploitation has not been publicly described. These techniques will apply to exploitation scenarios that become progressively more constrained, starting with an arbitrary-length, arbitrary-contents heap overflow and concluding with an off-by-one NULL byte overflow.

This paper can be downloaded below.


Editor’s note: This work was originally published by VSR on January 22, 2012 at https://www.vsecurity.com/download/publications/slob-exploitation.pdf. VSR is now a part of NCC Group, so we have migrated this content to research.nccgroup.com.


Jennifer Fernick is the Global Head of Research at NCC Group. She can be found on Twitter at @enjenneer.