DOI:10.1145/2976749.2978321

Corpus ID: 6293725

Breaking Kernel Address Space Layout Randomization with Intel TSX

@article{Jang2016BreakingKA,
  title={Breaking Kernel Address Space Layout Randomization with Intel TSX},
  author={Yeongjin Jang and S. Lee and Taesoo Kim},
  journal={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security},
  year={2016}
}

Yeongjin Jang, S. Lee, Taesoo Kim
Published 2016
Computer Science
Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Kernel hardening has been an important topic since many applications and security mechanisms often consider the kernel as part of their Trusted Computing Base (TCB). Among various hardening techniques, Kernel Address Space Layout Randomization (KASLR) is the most effective and widely adopted defense mechanism that can practically mitigate various memory corruption vulnerabilities, such as buffer overflow and use-after-free. In principle, KASLR is secure as long as no memory leak vulnerability… Expand

Share This Paper

107 Citations

Highly Influential Citations

15

Background Citations

59

Methods Citations

31

Results Citations

6

Supplemental Presentations

Presentation Slides

Breaking Kernel Address Space Layout Randomization with Intel TSX

Presentation One

Presentation Two

Explore Further

Discover more papers related to the topics discussed in this paper

KASLR-MT: Kernel Address Space Layout Randomization for Multi-Tenant cloud systems

Fernando Vano-Garcia, Hector Marco-Gisbert
Computer Science
J. Parallel Distributed Comput.
2020

3

Meltdown: Reading Kernel Memory from User Space

Moritz Lipp, Michael Schwarz, +9 authors Michael Hamburg
Computer Science
USENIX Security Symposium
2018

502
Highly Influenced
PDF

Kernel Protection Against Just-In-Time Code Reuse

Marios Pomonis, Theofilos Petsios, A. Keromytis, M. Polychronakis, V. P. Kemerlis
Computer Science
ACM Trans. Priv. Secur.
2019

8
PDF

Fallout: Reading Kernel Writes From User Space

M. Minkin, Daniel Moghimi, +7 authors Y. Yarom
Computer Science
ArXiv
2019

37
Highly Influenced
PDF

Prefetch Side-Channel Attacks: Bypassing SMAP and Kernel ASLR

D. Gruss, Clémentine Maurice, A. Fogh, Moritz Lipp, S. Mangard
Computer Science
CCS
2016

134
PDF

Telling Your Secrets Without

Jo Van Bulck, R. Kapitza
2017

Highly Influenced
PDF

An Info-Leak Resistant Kernel Randomization for Virtualized Systems

Fernando Vano-Garcia, Hector Marco-Gisbert
Computer Science
IEEE Access
2020

PDF

TagBleed: Breaking KASLR on the Isolated Kernel Address Space using Tagged TLBs

Jakob Koschel, Cristiano Giuffrida, H. Bos, Kaveh Razavi
Computer Science
2020 IEEE European Symposium on Security and Privacy (EuroS&P)
2020

1
Highly Influenced

ASLR on the Line: Practical Cache Attacks on the MMU

Ben Gras, Kaveh Razavi, E. Bosman, H. Bos, Cristiano Giuffrida
Computer Science
NDSS
2017

125
PDF

Exploiting Uses of Uninitialized Stack Variables in Linux Kernels to Leak Kernel Pointers

Haehyun Cho, Jinbum Park, +5 authors Gail-Joon Ahn
Computer Science
WOOT @ USENIX Security Symposium
2020

1
PDF

References

SHOWING 1-5 OF 5 REFERENCES

Practical Timing Side Channel Attacks against Kernel Space ASLR

Ralf Hund, C. Willems, T. Holz
Computer Science
2013 IEEE Symposium on Security and Privacy
2013

271
Highly Influential
PDF

ARK | Your Source for Intel Protect Specifications

ARK | Your Source for Intel Protect Specifications

Creating a File Mapping Using Large Pages. https://msdn.microsoft.com/en-us/library/windows

Creating a File Mapping Using Large Pages. https://msdn.microsoft.com/en-us/library/windows

Some remarks on VirtualAlloc and MEM_LARGE_PAGES. https://blogs.msdn.microsoft.com/ oldnewthing/20110128-00/?p=11643

Some remarks on VirtualAlloc and MEM_LARGE_PAGES. https://blogs.msdn.microsoft.com/ oldnewthing/20110128-00/?p=11643

The Linux Kernel Archives. Huge Pages

The Linux Kernel Archives. Huge Pages