shubham0d / memory-corruption-mitigations

A matrix of memory corruption mitigations

memory-corruption-mitigations

A matrix for memory corruption mitigations.
The matrix provided below will prove beneficial for both security researchers and developers. Security professionals can utilize it to identify the current mitigations available and the potential challenges they may encounter in real-world applications. Developers can also make use of this matrix to determine the necessary measures to incorporate into their applications while ensuring minimal impact on performance.
Full series URL: https://nixhacker.com/nostalgic-memory-part-1/

| Mitigation | Year | Tool/Technique | Targeted vulnerabilities | Hardware assisted | OS support | Default present | Kernel support | Active/Deprecated | Perf impact | Significant Bypasses |
|---|---|---|---|---|---|---|---|---|---|---|
| BoundCheck | 1992 | Tool | Stack overflow, Use after free, Double free | No | Windows | No | No | Deprecated | High | No |
| PageHeap | ~1995 | Tool | Heap overflow, Double free, Use after free | No | Windows | No | Yes | Active | High | No |
| StackGuard | 1997 | Technique | Stack overflow | No | Linux/Windows | Yes | Yes | Active | Low | Yes |
| Libsafe/Libverify | 2000 | Tool | Stack overflow | No | Linux | No | Yes | Deprecated | Low | No |
| Stack Shield | 2000 | Tool | Stack overflow | No | Linux | No | No | Deprecated | Not available | No |
| Stack Ghost | 2001 | Technique | Stack overflow | Yes | Linux | No | Yes | Deprecated | Low | Yes |
| Memcheck | 2003 | Tool | Use after free, Buffer overflow, Illegal read/write, Double free, Memory leaks | No | Linux | No | No | Active | Up to 40% | No |
| Propolice | 2004 | Technique | Stack overflow | No | Linux | Yes | No | Deprecated | Low | No |
| NX Stack | 2004 | Technique | Stack overflow | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
| CCFIR/bin-CFI | 2005 | Tool | Exploitation | No | Linux | No | No | Deprecated | Up to 50% | |
| ASLR | 2005 | Technique | Exploitation | No | Linux/Windows | Yes | Yes | Active | Low | Yes |
| Taint Trace | 2006 | Tool | Stack overflow, Format string, Indirect calls modification | No | Linux | No | No | Deprecated | 5x | No |
| ASAN | 2012 | Tool | Buffer overflow, Use after free, Null pointer dereference, Use after return, Uninitialized memory, Memory leaks | No | Linux/Windows | Yes | Yes | Active | Processing up to 73%, Memory usage 230% | No |
| UBSAN | 2013 | Tool | OOB read/write, Null pointer dereference, Integer underflow | No | Linux/Windows | Yes | Yes | Active | Processing up to 3x, Disk usage up to 20x | No |
| MSAN | 2015 | Tool | Uninitialized memory | No | Linux | Yes | Yes | Active | 2.5x | No |
| LLVM-CFI | 2014 | Technique | Exploitation | No | Linux | Yes | Yes | Active | VTV - up to 20%; IFCC - up to 4% | Yes |
| CFG | 2014 | Technique | Exploitation | No | Windows | Yes | Yes | Active | Medium-High | Yes |
| SafeStack | 2014 | Technique | Exploitation | No | Linux | No | No | Active | Low - max runtime overhead 3.0%, memory overhead 5.3% | Yes |
| ACG | 2016 | Technique | Exploitation | Yes | Windows | Yes | Yes | Active | Low | Yes |
| PAC | 2018 | Technique | Exploitation | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
| BTI | 2018 | Technique | Exploitation | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
| MTE | 2019 | Technique | Buffer overflow, Heap overflow, Use after free, Double free, Null pointer dereference | Yes | Linux/Windows | Yes | Yes | Active | Low-Medium | No |
| XFG | 2019 | Technique | Exploitation | No | Windows | No | No | Active | Low-Medium | No |
| IBT | 2020 | Technique | Exploitation | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
| Shadow stack | 2020 | Technique | Exploitation, Buffer overflow | Yes | Linux/Windows | Yes | Yes | Active | Low | Yes |
| FGKASLR | 2020 | Technique | Exploitation | No | Linux | Yes | Yes | Active | Low | No |
| FineIBT | 2021 | Technique | Exploitation | Yes | Linux | Yes | Yes | Active | Low | No |
| KCFI | 2022 | Technique | Exploitation | No | Linux | Yes | Yes | Active | Low | No |

License:MIT License