In September of 2020, a team at the Systems and Network Security Group at VU Amsterdam announced a new technique for developing exploits they called BlindSide [1].
BlindSide allows an attacker to conduct Blind ROP-style [2] attacks against targets that are not crash-resistant, such as the Linux kernel. What does this mean for you as a system engineer? It means BlindSide can enable an attacker who knows of a single kernel overflow vulnerability to turn an unprivileged shell into a root shell, despite recent kernel features designed to prevent the information leaks that such privilege escalations rely on.
It is techniques like BlindSide, and other techniques still unknown, that drive Star Lab to design its products with the assumption that an attacker will gain root access. It is why we advocate everyone at least consider…