Litcius/Paper detail

A Systematic Study of Elastic Objects in Kernel Exploitation

Yueqi Chen, Zhenpeng Lin, Xinyu Xing

202036 citationsDOI

Abstract

Recent research has proposed various methods to perform kernel exploitation and bypass kernel protection. For example, security researchers have demonstrated an exploitation method that utilizes the characteristic of elastic kernel objects to bypass KASLR, disclose stack/heap cookies, and even perform arbitrary read in the kernel. While this exploitation method is considered a commonly adopted approach to disclosing critical kernel information, there is no evidence indicating a strong need for developing a new defense mechanism to limit this exploitation method. It is because the effectiveness of this exploitation method is demonstrated only on anecdotal kernel vulnerabilities. It is unclear whether such a method is useful for a majority of kernel vulnerabilities.

Topics & Concepts

Kernel (algebra)Computer scienceHeap (data structure)Call stackComputer securityStack (abstract data type)AlgorithmMathematicsOperating systemCombinatoricsSecurity and Verification in ComputingAdvanced Malware Detection TechniquesDiamond and Carbon-based Materials Research