all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap

Add to bookmarks
June 11, 2024, 2:36 p.m. | Aaron Adams

NCC Group Research Blog research.nccgroup.com

Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap Lua 5.1 Musl’s Next Generation Allocator – aka mallocng mallocng Cycling Offset Exploiting CVE-2022-24834 on the mallocng heap mallocng Heap Shaping Ensuring Correct Target Table->Array Distance Lua Table Confusion redis-server/libc ASLR Bypass and Code Execution Conclusion Resources Tools This […]

alpine array cve cycling exploitation exploiting iron lua next real target vulnerability research world

Visit resource

More from research.nccgroup.com / NCC Group Research Blog

Stepping Stones – A Red Team Activity Hub 2 weeks ago | research.nccgroup.com
accuracy bloodhound blue blue team +25
Pumping Iron on the Musl Heap – Real World CVE-2022-24834 Exploitation on an Alpine mallocng … 2 weeks, 1 day ago | research.nccgroup.com
alpine array cve cycling +9
Enumerating System Management Interrupts 2 weeks, 2 days ago | research.nccgroup.com
access code cyber security functions +16
Real World Cryptography Conference 2024 2 weeks, 5 days ago | research.nccgroup.com
academic canada conference conferences +13
Public Report – Keyfork Implementation Review 2 weeks, 6 days ago | research.nccgroup.com
air air-gapped april assessment +21
Cross-Execute Your Linux Binaries, Don’t Cross-Compile Them 3 weeks ago | research.nccgroup.com
article can consultant devices +16
Why AI Will Not Fully Replace Humans for Web Penetration Testing 3 weeks, 5 days ago | research.nccgroup.com
advancements ai-powered artificial artificial intelligence +27
Integrating DigitalOcean into ScoutSuite 4 weeks, 2 days ago | research.nccgroup.com
addition apac april auditing +15
Cranim: A Toolkit for Cryptographic Visualization 1 month ago | research.nccgroup.com
block cbc cipher code +17

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California
View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Vice President, Controls Design & Development-7

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Vice President, Controls Design & Development-5

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Data Scientist & AI Prompt Engineer

@ Varonis | Israel
View on infosec-jobs.com

Contractor

@ Birlasoft | INDIA - MUMBAI - BIRLASOFT OFFICE, IN
View on infosec-jobs.com