URL has been copied successfully!
NDSS 2025 Statically Discover Cross-Entry Use-After-Free Vulnerabilities In The Linux Kernel
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

NDSS 2025 Statically Discover Cross-Entry Use-After-Free Vulnerabilities In The Linux Kernel


Tags: , , , , , , , ,

SESSION
Session 1D: System-Level Security Authors, Creators & Presenters: Hang Zhang (Indiana University Bloomington), Jangha Kim (The Affiliated Institute of ETRI, ROK), Chuhong Yuan (Georgia Institute of Technology), Zhiyun Qian (University of California, Riverside), Taesoo Kim (Georgia Institute of Technology) PAPER
Statically Discover Cross-Entry Use-After-Free Vulnerabilities in the Linux Kernel
Use-After-Free (UAF) is one of the most widely spread and severe memory safety issues, attracting lots of research efforts toward its automatic discovery. Existing UAF detection approaches include two major categories: dynamic and static. While dynamic methods like fuzzing can detect UAF issues with high precision, they are inherently limited in code coverage. Static approaches, on the other hand, can usually only discover simple sequential UAF cases, despite that many real-world UAF bugs involve intricate cross-entry control and data flows (e.g., concurrent UAFs). Limited static tools supporting cross-entry UAF detection also suffer from inaccuracy or narrowed scope (e.g., cannot handle complex codebases like the Linux kernel). In this paper, we propose UAFX, a static analyzer capable of discovering cross-entry UAF vulnerabilities in the Linux kernel and potentially extensible to general C programs. UAFX is powered by a novel escape-fetch-based cross-entry alias analysis, enabling it to accurately analyze the alias relationships between the use and free sites even when they scatter in different entry functions. UAFX is also equipped with a systematic UAF validation framework based on partial-order constraints, allowing it to reliably reason about multiple UAF-related code aspects (e.g., locks, path conditions, threads) to filter out false alarms. Our evaluation shows that UAFX can discover new cross-entry UAF vulnerabilities in the kernel and one user-space program (80 true positive warnings), with reasonable reviewer-perceived precision (more than 40%) and performance. Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the organization’s’ YouTube channel.

First seen on securityboulevard.com

Jump to article: securityboulevard.com/2025/11/ndss-2025-statically-discover-cross-entry-use-after-free-vulnerabilities-in-the-linux-kernel/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Getting the Most Value Out of the OSCP: After the Exam
  2. NDSS 2025 Statically Discover Cross-Entry Use-After-Free Vulnerabilities In The Linux Kernel
  3. Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
  4. CSO Awards winners highlight security innovation and transformation