Penetrating Shields: A Systematic Analysis of Memory Corruption Mitigations in the Spectre Era. (arXiv:2309.04119v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
This paper provides the first systematic analysis of a synergistic threat
model encompassing memory corruption vulnerabilities and microarchitectural
side-channel vulnerabilities. We study speculative shield bypass attacks that
leverage speculative execution attacks to leak secrets that are critical to the
security of memory corruption mitigations (i.e., the shields), and then use the
leaked secrets to bypass the mitigation mechanisms and successfully conduct
memory corruption exploits, such as control-flow hijacking. We start by
systematizing a taxonomy of the state-of-the-art memory corruption mitigations …