PageJack: A Powerful Exploit Technique With Page-Level UAF
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk introduces PageJack, a sophisticated exploit technique designed to achieve privilege escalation within operating system kernels, particularly focusing on Linux and Android. Presented by Chen, a professor from the University of California Riverside, on behalf of a collaborative academic research team, PageJack addresses a critical challenge in modern kernel exploitation: reliably targeting sensitive kernel data structures across different memory caches. As **Control Flow Integrity (CFI)** mitigations increasingly harden systems against traditional **control flow hijack** attacks, the focus for attackers is shifting towards **data-only attacks**. PageJack provides a novel and more reliable methodology for executing such attacks by leveraging a **page-level Use-After-Free (UAF)** primitive.