all InfoSec news
Control-Flow Integrity at RISC: Attacking RISC-V by Jump-Oriented Programming. (arXiv:2211.16212v1 [cs.CR])
Nov. 30, 2022, 2:10 a.m. | Olivier Gilles, Franck Viguier, Nikolai Kosmatov, Daniel Gracia Pérez
cs.CR updates on arXiv.org arxiv.org
RISC-V is an open instruction set architecture recently developed for
embedded real-time systems. To achieve a lasting security on these systems and
design efficient countermeasures, a better understanding of vulnerabilities to
novel and potential future attacks is mandatory. This paper demonstrates that
RISC-V is sensible to Jump-Oriented Programming, a class of complex code-reuse
attacks, able to bypass existing protections. We provide a first analysis of
RISC-V systems' attack surface exploitable by such attacks, and show how they
can be chained …
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cloud Technical Solutions Engineer, Security
@ Google | Mexico City, CDMX, Mexico
Assoc Eng Equipment Engineering
@ GlobalFoundries | SGP - Woodlands
Staff Security Engineer, Cloud Infrastructure
@ Flexport | Bellevue, WA; San Francisco, CA
Software Engineer III, Google Cloud Security and Privacy
@ Google | Sunnyvale, CA, USA
Software Engineering Manager II, Infrastructure, Google Cloud Security and Privacy
@ Google | San Francisco, CA, USA; Sunnyvale, CA, USA