Citations from academia and industry

The following list of references includes literature from academia, research institutions and industry community peers citing our work or published works.

Image Description


Papers, theses and dissertations

In light of the code reuse payload paradigm, whether return-oriented (Shacham, 2007), jump- oriented (Bletsch et al., 2011), or some other form of “borrowed code” (Krahmer, 2005), skilled adversaries have been actively searching for ever more ingenious ways to leverage memory disclosures as part of their arsenal (Sotirov and Dowd, 2008b; Serna, 2012a; VUPEN Security, 2012; Larry and Bastian, 2012).


In a recent Phrack article (H L, 2009), the author describes in great detail the allocation and deal- location algorithms of all of the kernels allocators in a leadup to the description of his created kernel heap protection project, KERNHEAP, that is now part of the GrSecurity project. While describing these allocators, the kmem_cache facility is described as well as a short writeup on the sensitivity of data within the cache. Since this paper is attempting to deter reliable kernel exploitation under Linux, the author fears that the predictable, un-sanitized data within the caches could be used as static data to build a reliable exploit. He also mentions the existence of private information in other dynamic areas such as wireless keys, tty buffers, cryptographic information, and IPC.


Subreption and its team have been featured in the works and publications of well-respected industry peers. This is a selection of industry-related publications mentioning our work.

Finally, this paper’s focus on attacks should provide insight for those interested in defending the kernel against heap exploitation. Projects such as Subreption’s KERNHEAP [9] provide a strong framework for implementing heap hardening, and future work should continue to refine these defensive techniques.

Report missing citations

If you have recently cited our work in an academic or industry context, or are aware of such a citation that is missing in this page, contact us for inclusion at .

The works (“citations”) referenced herein belong exlusively to their rightful owners and copyright holders. Any trademarks belong to their respective owners and are referenced per nominative fair use rights.