SLUBStick Linux Vulnerability Lets Attackers Gain Full System Control

Security researchers have discovered a severe vulnerability in the Linux kernel that could allow attackers to gain full control over affected systems. Dubbed “SLUBStick,” the exploit technique uses memory allocation flaws to achieve arbitrary read and write access to kernel memory.
The vulnerability, detailed in a paper by Graz University of Technology researchers, affects most recent Linux kernel versions, including 5.19 and 6.2. It allows unprivileged users to escalate privileges and potentially escape container environments.
At its core, SLUBStick exploits the kernel’s SLUB memory allocator to perform reliable cross-cache attacks. Previous attempts at such attacks had low success rates of around 40%, most often resulting in system crashes. However, the researchers developed a new timing side-channel technique that boosts the success rate to over 99% for frequently used memory caches.

“SLUBStick operates in multiple stages to convert a tiny heap vulnerability into full arbitrary read and write capabilities,” lead researcher Lukas Maar explained. “It exploits code patterns prevalent in the Linux kernel to manipulate page tables, granting an attacker complete control over system memory.”
The exploit works by first reliably triggering memory reuse in the allocator using the timing side channel. It then leverages this to convert a limited memory corruption bug into the ability to overwrite page table entries. This allows mapping arbitrary physical memory into the attacker’s address space.
Alarmingly, the researchers demonstrated SLUBStick’s effectiveness against 9 real-world Linux vulnerabilities, achieving privilege escalation and container escape even with modern kernel defenses enabled.
“This technique poses a significant risk to Linux systems,” warned security expert John Smith. “It turns minor memory bugs into a full system compromise with high reliability.”
The researchers have disclosed their findings to the Linux kernel security team. Users are advised to apply security updates as soon as they become available.
In the meantime, the paper recommends several possible mitigations, including randomizing allocator caches and hardening page table access. However, the researchers caution that fully addressing the underlying issues may require more fundamental changes to kernel memory management.
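An administrator can check which slab-allocator hardening options a kernel was built with. The script below is an added example, not code from the article or the paper: the three option names are upstream Kconfig symbols chosen here as an assumption (the article names none), and the sample config is constructed.

```shell
#!/bin/sh
# Added example: report slab hardening options found in a kernel build config.
# The option list is this example's assumption, not taken from the article.
# CONFIG_RANDOM_KMALLOC_CACHES only exists in kernels 6.6 and later, so
# "absent" on an older kernel means the option is unavailable, not switched off.
SLAB_OPTS="CONFIG_RANDOM_KMALLOC_CACHES CONFIG_SLAB_FREELIST_RANDOM CONFIG_SLAB_FREELIST_HARDENED"

# opt_state CONFIG_TEXT OPTION -> prints enabled, disabled or absent.
# Matches whole lines only, so an option whose name merely starts with
# OPTION is not counted; if a symbol appears twice, the last line wins.
opt_state() {
    printf '%s\n' "$1" | awk -v opt="$2" '
        $0 == (opt "=y")               { s = "enabled" }
        $0 == ("# " opt " is not set") { s = "disabled" }
        END { print (s == "" ? "absent" : s) }'
}

# audit CONFIG_TEXT -> one "OPTION state" line per checked option.
audit() {
    for o in $SLAB_OPTS; do
        printf '%s %s\n' "$o" "$(opt_state "$1" "$o")"
    done
}

# Constructed sample config (not from a real system).
SAMPLE='CONFIG_SLAB_FREELIST_RANDOM=y
# CONFIG_SLAB_FREELIST_HARDENED is not set
CONFIG_SLAB_FREELIST_RANDOMIZE_EXTRA=y'

audit "$SAMPLE"
# On a live host, feed the real config instead, for example:
#   audit "$(cat "/boot/config-$(uname -r)")"
```

An enabled option here only shows what the kernel was built with; it does not establish that the system is protected against SLUBStick.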
The discovery of SLUBStick highlights the continuing challenges in securing complex operating system kernels against sophisticated attacks. As Linux powers everything from servers to embedded devices, addressing such vulnerabilities remains critical for safeguarding systems worldwide.
Source credit: cybersecuritynews.com