From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 References: In-Reply-To: From: Carter Cheng Date: Fri, 22 Feb 2019 03:36:21 +0800 Message-ID: Subject: Re: classes of methods for gaining access to kernel memory Content-Type: multipart/alternative; boundary="00000000000075047505826c971f" To: Kees Cook Cc: Kernel Hardening List-ID: --00000000000075047505826c971f Content-Type: text/plain; charset="UTF-8" One of the papers I had a brief look at is this one- https://ieeexplore.ieee.org/abstract/document/7546545 On Fri, Feb 22, 2019 at 1:16 AM Kees Cook wrote: > On Thu, Feb 21, 2019 at 8:20 AM Carter Cheng > wrote: > > I was looking over some recent papers for Usenix Security and there are > a couple on data oriented programming and I have been wondering if there > are known mitigation techniques for this kind of data corruption attack or > other attacks that don't involve control flow hijacking. > > Can you share some URLs and/or examples? I'm sure other folks here > would be interested to read those too. > > -- > Kees Cook > --00000000000075047505826c971f Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
One of the papers I had a brief look at i= s this one-




On= Fri, Feb 22, 2019 at 1:16 AM Kees Cook <keescook@chromium.org> wrote:
<= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex">On Thu, Feb 21, 2019 at 8:= 20 AM Carter Cheng <cartercheng@gmail.com> wrote:
> I was looking over some recent papers for Usenix Security and there ar= e a couple on data oriented programming and I have been wondering if there = are known mitigation techniques for this kind of data corruption attack or = other attacks that don't involve control flow hijacking.

Can you share some URLs and/or examples? I'm sure other folks here
would be interested to read those too.

--
Kees Cook
--00000000000075047505826c971f--