conference logo

Playlist "32C3: gated communities"

New memory corruption attacks: why can't we have nice things?

gannimo and npc@berkeley.edu

Memory corruption is an ongoing problem and in past years we have both developed a set of defense mechanisms and novel attacks against those defense mechanisms. Novel defense mechanisms like Control-Flow Integrity (CFI) and Code-Pointer Integrity (CPI) promise to stop control-flow hijack attacks. We show that, while they make attacks harder, attacks often remain possible. Introducing novel attack mechanisms, like Control-Flow Bending (CFB), we discuss limitations of the current approaches. CFB is a generalization of data-only attacks that allows an attacker to execute code even if a defense mechanism significantly constrains execution.