shellphish / how2heap

A repository for learning various heap exploitation techniques.
MIT License

The PoC of tcache poisoning no longer works on GLIBC 2.30 and above #117

Closed Zzorz closed 3 years ago

Zzorz commented 4 years ago

The PoC of tcache poisoning no longer works on GLIBC 2.30 and above. There's a small change in _int_malloc() at https://sourceware.org/git/?p=glibc.git;a=commit;h=77dc0d8643aa99c92bf671352b0a8adde705896f.

Kyle-Kyle commented 4 years ago

Fixing the tcache poisoning PoC is pretty simple. I'm going to fix it. But damn, this breaks some exploitation primitives.

Kyle-Kyle commented 4 years ago

Resolved in commit https://github.com/shellphish/how2heap/commit/68fa3633f7bb88def7ba2d0d01050ce5526f2ec4

Kyle-Kyle commented 4 years ago

Not sure whether there is any other poc broken because of this patch. I will leave this issue open until we have done further checks.

Kyle-Kyle commented 3 years ago

After the refactor, everything is clean now. Thanks for the report!
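As an added illustration (not how2heap's PoC and not glibc's code), a small C model of the tcache fast path shows what the allocator-side count check changes for the single-free case the original PoC relied on. It assumes the referenced glibc 2.30 commit gates tcache use on `counts[tc_idx] > 0` instead of a non-NULL bin head; `model_malloc`, `second_alloc_returns_forged` and the stack-allocated stand-in chunks are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

#define TCACHE_MAX_BINS 64

/* Minimal model of glibc's per-thread cache (no "key" field, no chunk sizes). */
typedef struct tcache_entry { struct tcache_entry *next; } tcache_entry;
typedef struct {
    uint16_t      counts[TCACHE_MAX_BINS];
    tcache_entry *entries[TCACHE_MAX_BINS];
} tcache_perthread_struct;

/* Push a freed chunk onto the singly linked bin list. */
static void tcache_put(tcache_perthread_struct *tc, tcache_entry *e, size_t idx) {
    e->next = tc->entries[idx];
    tc->entries[idx] = e;
    tc->counts[idx]++;
}

/* Pop the bin head; trusts whatever the head's next pointer says. */
static tcache_entry *tcache_get(tcache_perthread_struct *tc, size_t idx) {
    tcache_entry *e = tc->entries[idx];
    tc->entries[idx] = e->next;
    tc->counts[idx]--;
    return e;
}

/* The fast-path gate in malloc(). Before 2.30 the bin was used whenever its
 * head pointer was non-NULL; from 2.30 (assumption: the referenced commit)
 * it is used only while the bin's count is positive, so a bin that has been
 * emptied once is not consulted again whatever its head pointer holds.
 * Returns NULL when the request would fall through to the main allocator. */
static tcache_entry *model_malloc(tcache_perthread_struct *tc, size_t idx, int glibc230) {
    int use_tcache = glibc230 ? (tc->counts[idx] > 0) : (tc->entries[idx] != NULL);
    return use_tcache ? tcache_get(tc, idx) : NULL;
}

/* Scenario from the issue: one chunk is freed into bin `idx`, its next
 * pointer is then clobbered through a stale reference (simulated here by a
 * plain assignment), and two allocations follow. Returns 1 if the second
 * allocation handed out the bogus pointer, 0 if the allocator fell through. */
int second_alloc_returns_forged(int glibc230) {
    tcache_perthread_struct tc = {0};
    tcache_entry chunk = { NULL }, forged = { NULL };  /* constructed stand-ins for heap chunks */
    size_t idx = 0;
    tcache_put(&tc, &chunk, idx);                      /* free(chunk): count becomes 1 */
    chunk.next = &forged;                              /* write through the dangling pointer */
    tcache_entry *a = model_malloc(&tc, idx, glibc230); /* serves chunk, count becomes 0 */
    tcache_entry *b = model_malloc(&tc, idx, glibc230); /* head is &forged, count is 0 */
    return a == &chunk && b == &forged;
}
```

The count check is a cheap consistency test between the bin head and the number of entries actually freed into it, which is why the single-free variant stops working even though the list pointer itself is still trusted.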