DangZero: Efficient use-after-free detection via direct page table access

F Gorter, K Koning, H Bos, C Giuffrida - Proceedings of the 2022 ACM …, 2022 - dl.acm.org
Use-after-free vulnerabilities remain difficult to detect and mitigate, making them a popular
source of exploitation. Existing solutions incur impractical performance/memory overhead …

ISLAB: Immutable memory management metadata for commodity operating system kernels

M Momeu, F Kilger, C Roemheld, S Schnückel… - Proceedings of the 19th …, 2024 - dl.acm.org
Kernel memory allocators maintain several metadata structures optimized for efficiently
managing system memory. However, existing implementations adopt either weak or no …

Sticky Tags: Efficient and Deterministic Spatial Memory Error Mitigation using Persistent Memory Tags

F Gorter, T Kroes, H Bos… - 2024 IEEE Symposium on …, 2024 - download.vusec.net
Spatial memory errors such as buffer overflows still rank among the top vulnerabilities in
C/C++ programs. Despite much research in the area, the performance overhead of (even …

Memory Tagging using Cryptographic Integrity on Commodity x86 CPUs

D Schrammel, M Unterguggenberger… - 2024 IEEE 9th …, 2024 - ieeexplore.ieee.org
Memory tagging allows to establish memory safety for software developed in unsafe
languages like C/C++. Since it is an effective mechanism with low architectural complexity …

MineSweeper: a “clean sweep” for drop-in use-after-free prevention

M Erdős, S Ainsworth, TM Jones - Proceedings of the 27th ACM …, 2022 - dl.acm.org
Low-level languages, which require manual memory management from the programmer,
remain in wide use for performance-critical applications. Memory-safety bugs are common …

Mitigating information leakage vulnerabilities with type-based data isolation

A Milburn, E Van Der Kouwe… - 2022 IEEE Symposium …, 2022 - ieeexplore.ieee.org
Information leakage vulnerabilities (or simply info leaks) such as out-of-bounds/uninitialized
reads in the architectural or speculative domain pose a significant security threat, allowing …

SeMalloc: Semantics-Informed Memory Allocator

R Wang, M Xu, N Asokan - Proceedings of the 2024 on ACM SIGSAC …, 2024 - dl.acm.org
Use-after-free (UAF) is a critical and prevalent problem in memory unsafe languages. While
many solutions have been proposed, balancing security, run-time cost, and memory …

PUMM: Preventing Use-After-Free Using Execution Unit Partitioning

C Yagemann, SP Chung, B Saltaformaggio… - 32nd USENIX Security …, 2023 - usenix.org
Critical software is written in memory unsafe languages that are vulnerable to use-after-free
and double free bugs. This has led to proposals to secure memory allocators by strategically …

FreeWill: Automatically Diagnosing Use-after-free Bugs via Reference Miscounting Detection on Binaries

L He, H Hu, P Su, Y Cai, Z Liang - 31st USENIX Security Symposium …, 2022 - usenix.org
Memory-safety issues in operating systems and popular applications are still top security
threats. As one widely exploited vulnerability, Use After Free (UAF) resulted in hundreds of …

Beyond control: Exploring novel file system objects for data-only attacks on Linux systems

J Zhou, J Hu, Z Pan, J Zhu, W Shen, G Li… - arXiv preprint arXiv …, 2024 - arxiv.org
The widespread deployment of control-flow integrity has propelled non-control data attacks
into the mainstream. In the domain of OS kernel exploits, by corrupting critical non-control …