Offset2lib: Bypassing Full ASLR On 64bit Linux

Prize: National/international honour

Description

Packet Storm Security awarded us for our discovery of the offset2lib weakness. Offset2lib is a design weakness in the Linux implementation of ASLR (Address Space Layout Randomization). We demonstrated how to bypass ASLR on 64-bit Linux in less than one second. We also proposed a solution that fixes the offset2lib weakness; this solution has been rewarded by Google. The weakness has been ranked as a 1-day vulnerability.
Awarded date: Dec 2014
Organisations: Packet Storm Security

Keywords

  • CyberSecurity
  • Linux
  • ASLR
