Full Program »
Sponsored Talk: Memory corruption attacks in the Spectre era
Thursday, 10 December 2020
13:15 - 13:30
Sponsored Talk: "Memory corruption attacks in the Spectre era", Alexandra Sandulescu, IBM Research
Abstract:
The prevalence of memory corruption bugs in the past decades resulted in numerous defenses, such as stack canaries, control flow integrity (CFI), and memory- safe languages. These defenses can prevent entire classes of vulnerabilities, and help increase the security posture of a program. In this talk, we discuss how Spectre diminishes these mitigations effectiveness. We study the cases of stack protectors, CFI, and memory safe languages like Go and Rust, showing under which conditions they can be bypassed by a form of speculative control flow hijack, relying on speculative or architectural overwrites of control flow data. Moreover, we discuss the conditions in which speculative control flow hijacks can be leveraged against a real world target. Finally, we show that, with moderate performance impact, the speculative control flow hijacking attacks can be hindered.