English
Related papers

Related papers: xTag: Mitigating Use-After-Free Vulnerabilities vi…

200 papers

Memory safety in C and C++ remains largely unresolved. A technique usually called "memory tagging" may dramatically improve the situation if implemented in hardware with reasonable overhead. This paper describes two existing implementations…

Cryptography and Security · Computer Science 2018-02-27 Kostya Serebryany , Evgenii Stepanov , Aleksey Shlyapnikov , Vlad Tsyrklevich , Dmitry Vyukov

Memory-safety escapes continue to form the launching pad for a wide range of security attacks, especially for the substantial base of deployed software that is coded in pointer-based languages such as C/C++. Although compiler and…

Use-After-Free vulnerabilities, allowing the attacker to access unintended memory via dangling pointers, are more threatening. However, most detection schemes can only detect dangling pointers and invalid them, but not provide a tolerance…

Cryptography and Security · Computer Science 2020-03-03 Daliang Xu , Dongwei Chen , Chun Yang , KangSun , Xu Cheng , Dong Tong

Temporal memory safety bugs, especially use-after-free and double free bugs, pose a major security threat to C programs. Real-world exploits utilizing these bugs enable attackers to read and write arbitrary memory locations, causing…

Cryptography and Security · Computer Science 2023-03-21 Jie Zhou , John Criswell , Michael Hicks

Memory vulnerabilities are a major threat to many computing systems. To effectively thwart spatial and temporal memory vulnerabilities, full logical memory safety is required. However, current mitigation techniques for memory safety are…

Cryptography and Security · Computer Science 2021-03-10 Pascal Nasahl , Robert Schilling , Mario Werner , Jan Hoogerbrugge , Marcel Medwed , Stefan Mangard

Memory safety remains a critical and widely violated property in reality. Numerous defense techniques have been proposed and developed but most of them are not applied or enabled by default in production-ready environment due to their…

Cryptography and Security · Computer Science 2021-11-30 Wei Song , Jiameng Ying , Sihao Shen , Boya Li , Hao Ma , Peng Liu

ARM recently introduced a security feature called Memory Tagging Extension or MTE, which is designed to defend against common memory safety vulnerabilities, such as buffer overflow and use after free. In this paper, we examine three aspects…

Cryptography and Security · Computer Science 2022-11-04 Aditi Partap , Dan Boneh

ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities. The low overhead of MTE makes it an attractive solution to mitigate memory corruption…

Cryptography and Security · Computer Science 2024-06-14 Juhee Kim , Jinbum Park , Sihyeon Roh , Jaeyoung Chung , Youngjoo Lee , Taesoo Kim , Byoungyoung Lee

Memory safety bugs remain in the top ranks of security vulnerabilities, even after decades of research on their detection and prevention. Various mitigations have been proposed for C/C++, ranging from language dialects to instrumentation.…

Cryptography and Security · Computer Science 2023-05-12 Konrad Hohentanner , Philipp Zieris , Julian Horsch

While memory corruption bugs stemming from the use of unsafe programming languages are an old and well-researched problem, the resulting vulnerabilities still dominate real-world exploitation today. Various mitigations have been proposed to…

Cryptography and Security · Computer Science 2021-08-20 Emanuel Q. Vintila , Philipp Zieris , Julian Horsch

Ensuring system correctness, such as memory safety, can eliminate security vulnerabilities that attackers could exploit in the first place. However, high and unpredictable performance degradation remains a primary challenge. Recognizing…

Cryptography and Security · Computer Science 2024-08-28 Myoung Jin Nam

Memory-safety attacks have been one of the most critical threats against computing systems. Although a wide-range of defense techniques have been developed against these attacks, the existing mitigation strategies have several limitations.…

Cryptography and Security · Computer Science 2019-09-20 Eyasu Getahun Chekole , Unnikrishnan Cheramangalath , Sudipta Chattopadhyay , Martin Ochoa , Guo Huaqun

Memory-safety violations are a prevalent cause of both reliability and security vulnerabilities in systems software written in unsafe languages like C/C++. Unfortunately, all the existing software-based solutions to this problem exhibit…

Cryptography and Security · Computer Science 2017-06-19 Oleksii Oleksenko , Dmitrii Kuvaiskii , Pramod Bhatotia , Pascal Felber , Christof Fetzer

The most important security benefit of software memory safety is easy to state: for C and C++ software, attackers can exploit most bugs and vulnerabilities to gain full, unfettered control of software behavior, whereas this is not true for…

Cryptography and Security · Computer Science 2025-03-28 Úlfar Erlingsson

Despite decades of efforts to resolve, memory safety violations are still persistent and problematic in modern systems. Various defense mechanisms have been proposed, but their deployment in real systems remains challenging because of…

Hardware Architecture · Computer Science 2023-08-08 Yonghae Kim , Anurag Kar , Jaewon Lee , Jaekyu Lee , Hyesoon Kim

Memory safety bugs, such as buffer overflows and use-after-frees, are the leading causes of software safety issues in production. Software-based approaches, e.g., Address Sanitizer (ASAN), can detect such bugs with high precision, but with…

Cryptography and Security · Computer Science 2026-04-21 Mingkai Li , Hang Ye , Joseph Devietti , Suman Jana , Tanvir Ahmed Khan

Almost all modern hardware, from phone SoCs to high-end servers with accelerators, contain memory translation and protection hardware like IOMMUs, firewalls, and lookup tables which make it impossible to reason about, and enforce protection…

Operating Systems · Computer Science 2020-09-08 Reto Achermann , Nora Hossle , Lukas Humbel , Daniel Schwyn , David Cock , Timothy Roscoe

Since buffer overflow has long been a frequently occurring, high-risk vulnerability, various methods have been developed to support spatial memory safety and prevent buffer overflow. However, every proposed method, although effective in…

Cryptography and Security · Computer Science 2023-02-15 Seong-Kyun Mok , Eun-Sun Cho

Modern computing is shifting from homogeneous CPU-centric systems to heterogeneous systems with closely integrated CPUs and GPUs. While the CPU software stack has benefited from decades of memory safety hardening, the GPU software stack…

Cryptography and Security · Computer Science 2026-03-09 Mingkai Li , Joseph Devietti , Suman Jana , Tanvir Ahmed Khan

Tag-based sanitizers attach a small "key" to each pointer and a matching "lock" tag to its target memory object, enabling runtime verification of pointer-object consistency and helping developers to detect potential memory violations.…

Cryptography and Security · Computer Science 2025-09-12 Mengfei Xie , Yan Lin , Hongtao Wu , Jianming Fu , Chenke Luo , Guojun Peng
‹ Prev 1 2 3 10 Next ›