TLDR:
- Researchers have discovered a severe vulnerability in the Linux kernel called SLUBStick.
- This exploit technique allows attackers to gain full control over affected systems.
Security researchers have identified a critical vulnerability in the Linux kernel known as SLUBStick, which enables attackers to gain complete control over compromised systems. The exploit utilizes memory allocation flaws to achieve arbitrary read and write access to kernel memory. The vulnerability impacts recent Linux kernel versions, including 5.19 and 6.2, potentially enabling unprivileged users to escalate privileges and escape container environments.
The SLUBStick exploit operates in multiple stages, leveraging the kernel’s SLUB memory allocator to execute reliable cross-cache attacks. By implementing a new timing side-channel technique, researchers have significantly increased the success rate of these attacks to over 99%, making it a serious threat to Linux systems. The researchers have shared their findings with the Linux kernel security team and recommend users to apply security updates promptly once available.