tags: heap_overflow, info_leak, conditional_corruption
original link: CVR: The Mines of Kakadûm
newsletter link: exploits.club Weekly Newsletter 38 - Linux Races, Blind Memory Corruption, LLM Java Fuzzing, and More


Exploits Club Summary:

Google’s Cloud Vulnerability Research team took to the BugHunter blog to discuss their research on exploiting memory corruption bugs in server-side libraries under unknown execution environments. Specifically, the post focuses on Kakadu, a JPEG 2000 library. The post goes over the technical details of the software before walking through the team’s vulnerability research methodology. The team discovered two vulnerabilities: an OOB write and an arbitrary file read. They leveraged the file read to obtain information about the execution environment and trigger “Conditional Corruption.” After that, they used the OOB write to modify global variables and hijack control flow. The post is super in-depth, discussing a handful of roadblocks the team encountered, and is certainly worth a full read-through.