
MemSpace::map can overwrite kernel pages

Open • Myldero opened this issue 11 months ago • 1 comment

When run with MAP_FIXED, MemSpace::map has no limits to where a page is requested. Furthermore, it will always unmap any pre-existing page. This means that a user can hijack kernel pages (and thus execution) with mmap or the ELF parser.

Myldero • Mar 20 '24 16:03
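The missing bound described in the issue, as an added example that is not part of the original post and not maestro's code: a range check that would run before any existing mapping is unmapped, on both the mmap path and ELF segment loading. The names `check_fixed_range`, `MapError`, `PAGE_SIZE` and `KERNEL_BEGIN`, and the higher-half boundary value, are assumptions.

```rust
// Added example, not maestro's code. All names and constants are assumptions.
const PAGE_SIZE: usize = 4096;
/// Assumed first address reserved for the kernel (higher-half layout).
const KERNEL_BEGIN: usize = 0xc000_0000;

#[derive(Debug, PartialEq)]
pub enum MapError {
    Unaligned,
    ZeroLength,
    Overflow,
    OutsideUserspace,
}

/// Validates a fixed-address mapping request (MAP_FIXED or an ELF segment
/// address) before any pre-existing page is unmapped.
/// Returns the exclusive end address of the range on success.
pub fn check_fixed_range(addr: usize, pages: usize) -> Result<usize, MapError> {
    if addr % PAGE_SIZE != 0 {
        return Err(MapError::Unaligned);
    }
    if pages == 0 {
        return Err(MapError::ZeroLength);
    }
    // Checked arithmetic: a wrapped end address must not slip past the bound.
    let len = pages.checked_mul(PAGE_SIZE).ok_or(MapError::Overflow)?;
    let end = addr.checked_add(len).ok_or(MapError::Overflow)?;
    // Compare the end of the range, not only its start, so a request that
    // begins in userspace and straddles the boundary is rejected as well.
    if end > KERNEL_BEGIN {
        return Err(MapError::OutsideUserspace);
    }
    Ok(end)
}

fn main() {
    // Constructed sample requests: (address, page count).
    for (addr, pages) in [(0x1000_0000, 4), (0xbfff_f000, 2), (0xc010_0000, 1)] {
        println!("{:#x} x{}: {:?}", addr, pages, check_fixed_range(addr, pages));
    }
}
```
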