A matrix for memory corruption mitigations.
The matrix provided below will prove beneficial for both security researchers and developers. Security professionals can utilize it to identify the current mitigations available and the potential challenges they may encounter in real-world applications. Developers can also make use of this matrix to determine the necessary measures to incorporate into their applications while ensuring minimal impact on performance.
Full series URL: https://nixhacker.com/nostalgic-memory-part-1/
Mitigation | Year | Tool/Technique | Targeted vulnerabilities | Hardware assisted | OS support | Default present | Kernel support | Active/Deprecated | Perf impact | Significant Bypasses |
---|---|---|---|---|---|---|---|---|---|---|
BoundCheck | 1992 | Tool | Stack overflow, Use after free, Double free | No | Windows | No | No | Deprecated | High | No |
PageHeap | ~1995 | Tool | Heap overflow, Double free, Use after free | No | Windows | No | Yes | Active | High | No |
StackGuard | 1997 | Technique | Stack overflow | No | Linux/Windows | Yes | Yes | Active | Low | Yes |
Libsafe/Libverify | 2000 | Tool | Stack overflow | No | Linux | No | Yes | Deprecated | Low | No |
Stack Shield | 2000 | Tool | Stack overflow | No | Linux | No | No | Deprecated | Not available | No |
Stack Ghost | 2001 | Technique | Stack overflow | Yes | Linux | No | Yes | Deprecated | Low | Yes |
Memcheck | 2003 | Tool | Use after free, Buffer overflow, Illegal read/write, Double free, Memory leaks | No | Linux | No | No | Active | Up to 40% | No |
Propolice | 2004 | Technique | Stack overflow | No | Linux | Yes | No | Deprecated | Low | No |
NX Stack | 2004 | Technique | Stack overflow | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
CCFIR/bin-CFI | 2005 | Tool | Exploitation | No | Linux | No | No | Deprecated | Up to 50% | |
ASLR | 2005 | Technique | Exploitation | No | Linux/Windows | Yes | Yes | Active | Low | Yes |
Taint Trace | 2006 | Tool | Stack overflow, Format string, Indirect calls modification | No | Linux | No | No | Deprecated | 5x | No |
ASAN | 2012 | Tool | Buffer overflow, Use after free, Null pointer dereference, Use after return, Uninitialized memory, Memory leaks | No | Linux/Windows | Yes | Yes | Active | Processing up to 73%, Memory usage 230% | No |
UBSAN | 2013 | Tool | OOB read/write, Null pointer dereference, Integer underflow | No | Linux/Windows | Yes | Yes | Active | Processing up to 3x, Disk usage up to 20x | No |
MSAN | 2015 | Tool | Uninitialized memory | No | Linux | Yes | Yes | Active | 2.5x | No |
LLVM-CFI | 2014 | Technique | Exploitation | No | Linux | Yes | Yes | Active | VTV - up to 20%, IFCC - up to 4% | Yes |
CFG | 2014 | Technique | Exploitation | No | Windows | Yes | Yes | Active | Medium-High | Yes |
SafeStack | 2014 | Technique | Exploitation | No | Linux | No | No | Active | Low - max runtime overhead 3.0%, memory overhead 5.3% | Yes |
ACG | 2016 | Technique | Exploitation | Yes | Windows | Yes | Yes | Active | Low | Yes |
PAC | 2018 | Technique | Exploitation | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
BTI | 2018 | Technique | Exploitation | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
MTE | 2019 | Technique | Buffer overflow, Heap overflow, Use after free, Double free, Null pointer dereference | Yes | Linux/Windows | Yes | Yes | Active | Low-Medium | No |
XFG | 2019 | Technique | Exploitation | No | Windows | No | No | Active | Low-Medium | No |
IBT | 2020 | Technique | Exploitation | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
Shadow stack | 2020 | Technique | Exploitation, Buffer overflow | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
FGKASLR | 2020 | Technique | Exploitation | No | Linux | Yes | Yes | Active | Low | No |
FineIBT | 2021 | Technique | Exploitation | Yes | Linux | Yes | Yes | Active | Low | No |
KCFI | 2022 | Technique | Exploitation | No | Linux | Yes | Yes | Active | Low | No |