Desktops, servers, cloud computing services, mobile devices, and IoT devices. Linux is the most popular open-source kernel and is used in various IT platforms. Because of the ubiquitous presence of Linux and the characteristic of the kernel which …
Secure allocators have been extensively studied to mitigate heap
vulnerabilities. They employ safe designs and randomized mechanisms to stop or
mitigate heap exploitation. Despite extensive research efforts, secure
allocators can only be evaluated by …
Memory-unsafe languages are widely used to implement critical systems like kernels and browsers, leading to thousands of memory safety issues every year. A use-after-free bug is a temporal memory error where the program accidentally visits a freed …
Cellular basebands play a crucial role in mobile communication. However, it is significantly challenging to assess their security for several reasons. Manual analysis is inevitable because of the obscurity and complexity of baseband firmware; …
Exploitation techniques to abuse metadata of heap allocators have been widely studied because of their generality (i.e., application independence) and powerfulness (i.e., bypassing modern mitigation). However, such techniques are commonly considered …
Compromising a kernel through a browser is the ultimate goal for offensive security researchers. Because of continuous efforts to eliminate vulnerabilities and introduce various mitigations, a remote kernel exploit from a browser becomes extremely …