178 - Attacking Bhyves and a Kernel UAF [Binary Exploitation Podcast]

Just a few issues this week, but some solid exploitation. A Kernel UAF, IoT, and a bhyve escape.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/178.html

[00:00:00] Introduction
[00:00:35] Spot the Vuln - Internal Externals
[00:06:35] Escaping from bhyve
[00:13:14] Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg
[00:29:28] MeshyJSON: A TP-Link tdpServer JSON Stack Overflow
[00:42:19] Survey of security mitigations and architectures, December 2022
[00:45:25] Abusing RCU callbacks with a Use-After-Free read to defeat KASLR

The …

abusing binary binary exploitation december escape exploitation exploiting free internal introduction iot json kaslr kernel link linux linux kernel mitigations netfilter overflow podcast security solid stack overflow survey tp-link uaf use-after-free vuln