🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Our uncontained paper USENIX Security is online! Find out how the Linux kernel is the "container of" several type confusion bugs, detected by our sanitizer & static analyzer. Joint work by Jakob Koschel Pietro Borrello Daniele Cono D'Elia Herbert Bos Cristiano Giuffrida: vusec.net/projects/uncon…

Our FloatZone paper USENIX Security is online: a branchless memory sanitizer that efficiently catches buffer overflows (+ use-after-frees) with floating-point underflows! Joint work by Floris Gorter @Enrico barberis @teemperor Erik van der Kouwe Cristiano Giuffrida Herbert Bos: vusec.net/projects/float…

Paper from Victor van der Veen & me about using the DRAM row conflict signal as a sidechannel on uncached execution (for protection): dramsec.ethz.ch/papers/dramaqu… - the thought: can we mitigate all uarch side channels by selectively bypassing cache? answer: perhaps, but DRAM sidechannel remains

Oh! 37 new bugs (28 new CVEs) discovered in 5 RISC-V CPUs (e.g., BOOM and CVA6)! #Cascade fuzzes #RISC-V CPUs based on novel basic principles. Try it on your own CPU, it’s open! comsec.ethz.ch/cascade (with Kathi Ceesay-Seitz Kav)

We built a RISC-V CPU fuzzer that generates test programs in a clever way and it rained CVEs! Cascade brings CI/CD to CPU designers 😀 Check Flavien's thread if you want to know more. To be presented at USENIX Security

Phantom just won a best paper award at MICRO 2024! Phantom shows the security implications of pre-decode speculation that is fundamental in achieving high performance. We are happy and deeply honored! (with johannes Daniël Trujillo)

New write-up on an Intel Ice Lake CPU vulnerability, we can effectively corrupt the RoB with redundant prefixes! 🔥 An updated microcode is available today for all affected products, cloud providers should patch ASAP. lock.cmpxchg8b.com/reptar.html

The first ever end-to-end cross-process Spectre exploit? I worked on this during an internship with grsecurity! An in-depth write-up here: grsecurity.net/cross_process_…

Details: github.com/google/securit…