[~]$ whoami?

Hi, I’m Sachin (@cyfun). I’m a budding security researcher with interests in threat hunting, reverse engineering, pwning, web and network security.

[ About ] [ Blog ] [ Contact ]

Novel approach to tackle UAF Bugs in the Linux Kernel

Hi, kernel and sec enthusiasts! It’s been a while since my last post(2022), but I’ve got something juicy for you today. We are going to dive into an exciting new proposal that aims to bolster the Linux kernel’s defenses against those persistent use-after-free (UAF) vulnerabilities. Grab your favorite beverage or drink(Try Amul Kool once, Thank me later), because we’re about to get our hands dirty with some kernel internals! The Persistent Threat of UAF Vulnerabilities If you’ve been in the low-level security for a while, you’re probably sick of hearing about UAF vulnerabilities. But for those who need a refresher, UAFs occur when a program continues to use a pointer to memory after it’s been freed. This can lead to all sorts of fun exploitation scenarios, especially in kernel-land where the stakes are highest. ...

September 15, 2024 · 6 min · 1146 words