Seth Jenkins of Google Project Zero has published a detailed write-up of an exploit for CVE-2022-42703, a bug in the Linux kernel's memory-management subsystem. The bug, found by Jann Horn, leads to a use-after-free on a struct anon_vma. Jenkins' exploit strategy corrupts a kernel pointer and then uses a hardware breakpoint to raise a #DB (debug) exception, which leads to a stack buffer overflow. The write-up also covers a prefetch-based side-channel technique for defeating both KASLR and CPU entry area randomization.
googleprojectzero.blogspot.com