A Linux kernel CTF task that relies on a double-fetch/data-race introduced by the compiler for exploitation:
Switch jump table exploit is a good example of what can go wrong when one is sloppy about data races
"gcc considered harmful" Errrr NO!
This is exactly why copy_from_user and READ_ONCE etc exist -- more of a realistic vuln for Windows drivers (osronline.com/article.cfm?ar) I would think than Linux (since UDEREF weeded these out over a decade ago, and later, SMAP). Still neat for a CTF though