Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation
Ziyi Guo, Kyle Zeng, Xinyu Xing
33rd USENIX Security Symposium · Day 1 · USENIX Security '24
The talk "Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation" by Ziyi Guo, Kyle Zeng, and Xinyu Xing introduces **Page Spray**, a page-level memory reuse technique for exploiting vulnerabilities in the Linux kernel. The research highlights a blind spot in current kernel exploitation strategies, which predominantly focus on slab-level object reuse: by showing how freed kernel pages can be reclaimed directly with user-controlled data, Page Spray increases the exploitability and stability of existing kernel vulnerabilities, particularly those involving use-after-free or double-free conditions.
AI review
This research on Page Spray is a critical advancement in Linux kernel exploitation, shifting focus from slab-level to direct page-level control. It's a highly practical technique, demonstrated against real-world CVEs, that fundamentally redefines memory reuse for both attackers and defenders. Anyone serious about kernel security needs to understand this.