Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Memory Safety and the Future of Vulnerabilities
Search
Andrew Lilley Brinker
April 15, 2025
Programming
0
19
Memory Safety and the Future of Vulnerabilities
Presented at the Cal Poly Pomona SWIFT Tech Symposium 2025.
Andrew Lilley Brinker
April 15, 2025
Tweet
Share
More Decks by Andrew Lilley Brinker
See All by Andrew Lilley Brinker
Hello and Welcome: Documentation in the Rust Ecosystem
alilleybrinker
0
9
A Tale of Teaching Rust
alilleybrinker
0
10
Efficient Nimber Calculation in Dots and Boxes
alilleybrinker
0
97
Other Decks in Programming
See All in Programming
Langfuseと歩む生成AI活用推進
licux
3
250
自作OSでDOOMを動かしてみた
zakki0925224
1
1.4k
Comparing decimals in Swift Testing
417_72ki
0
170
新世界の理解
koriym
0
140
State of CSS 2025
benjaminkott
1
110
実践!App Intents対応
yuukiw00w
1
280
Dart 参戦!!静的型付き言語界の隠れた実力者
kno3a87
0
200
0から始めるモジュラーモノリス-クリーンなモノリスを目指して
sushi0120
1
280
あのころの iPod を どうにか再生させたい
orumin
2
2.5k
マイコンでもRustのtestがしたい その2/KernelVM Tokyo 18
tnishinaga
2
2.3k
Introduction to Git & GitHub
latte72
0
110
兎に角、コードレビュー
mitohato14
0
140
Featured
See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.5k
Six Lessons from altMBA
skipperchong
28
4k
StorybookのUI Testing Handbookを読んだ
zakiyama
30
6k
Build The Right Thing And Hit Your Dates
maggiecrowley
37
2.8k
The Language of Interfaces
destraynor
160
25k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
183
54k
Scaling GitHub
holman
462
140k
Docker and Python
trallard
45
3.5k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
34
6k
GitHub's CSS Performance
jonrohan
1031
460k
Faster Mobile Websites
deanohume
309
31k
Transcript
Memory safety and the future of vulnerabilities A talk by
Andrew Lilley Brinker Approved for Public Release; Distribution Unlimited. Public Release Case Number 251031. The author’s affiliation with The MITRE Corporation is provided for identification purposes only, and is not intended to convey or imply MITRE’s concurrence with, or support for, the positions, opinions, or viewpoints expressed by the author. ©2025 The MITRE Corporation. ALL RIGHTS RESERVED.
I’m Andrew Principal Cyber Security Engineer MITRE Rustacean for
11 years I am not speaking for MITRE today.
What is memory safety?
What kinds of weaknesses? 1 buffer overflow 1. null pointer
dereference 2. use after free 3. use of uninitialized memory 4. illegal free (of an already-freed pointer, or a non- malloced pointer) 5. Michael Hicks, “What is memory safety,” http://www.pl-enthusiast.net/2014/07/21/memory-safety/ 1.
Or, this bigger list The Common Weakness Enumeration CWE
Memory Safety category
Spatial Memory Safety Out-of-bounds accesses Reads or writes, under or
over 1 Yoshua Wuyts, “What are temporal and spatial memory safety?” https://blog.yoshuawuyts.com/temporal-spatial-memory- safety/ 1.
Heartbleed was a spatial memory safety vulnerability
Why is that bad? Client: heartbeat “Hello” length 1,000 bytes
Server: heartbeat “HellobfsfhgafSocial Security Number 123456789…”
But Wait, There’s More! This is “Smashing the Stack
for Fun and Profit”
Temporal Memory Safety Use after free Use of uninitialized memory
Double-free
Memory safety is when these problems don’t happen Memory safe
languages stop memory safety problems
What languages are memory safe? From “The Case for
Memory Safe Roadmaps” Published by CISA, NSA, FBI, ASD’s ACSC, CCCS, NCSCUK, NCSCNZ, CERTNZ
Which ones aren’t? C and C
None
Rust 1.0 was May 15, 2015 Also the day of
my first date with my wife)
9 years later… The White House publishes this…
The govt. asked for input CISA / ONCD /
NSF / DARPA / OMB Request for Input RFI on open source software OSS security.
In the responses… Microsoft, Google, Cloudflare, GitHub, IBM, and many
others recommend moving to memory safe languages.
The move to memory safe languages is happening What does
this mean for vulnerabilities?
Let’s look at the CWE Top 25! In 2024 20%
are memory safety related – 35% known-exploited are memory safety related –
We’ll always have… Bad authentication / authorization – Bad neutralization
of user input – Resource exhaustion But what else? –
Micro- architectural vulnerabilities
Spectre and Meltdown Spectre: trick branch predictor into leaking data
Meltdown: read memory faster than the privilege check, then recover data from cache
These affected every Intel processor from 1995 to 2018
The hits start coming and they don’t stop coming Spectre,
Meltdown, Spectre-NG, SpectreRSB, Foreshadow, Zombieload, CROSStalk, Phantom, Zenbleed, Inception, Downfall
And it’s not just Intel! That’s from this year!
Turns out Apple CPUs since the M2 / A15 have a Load Address Predictor and Load Value Predictor. Oh no!
Problem: how to have fast processors that aren’t full of
speculative execution vulnerabilities
Cryptographic vulnerabilities
Cryptography libraries are better than they used to be
But… Primitives being correct doesn’t mean a protocol is secure
We need post-quantum cryptography Harvest now, decrypt later
Problem: many existing protocols can’t easily adapt to post-quantum cryptography
Supply Chain Vulnerabilities
Code reuse is good!
But: xz-utils Last year we narrowly avoided the worst open
source software supply chain attack in history.
Seriously, go read the story of this attack. Russ
Cox, co-creator of the Go programming language, has a great timeline
More commonly, we have stuff like this… Also: Typosquatting –
Malicious contributions – Account takeovers – Token reuse –
Conclusions
Memory safety vulns won’t disappear But they will become less
common
There’s still a lot to secure
Be Curious!
How to Reach Me Bluesky: LinkedIn: @alilleybrinker.com @alilleybrinker
alilleybrinker
licux
zakki0925224
417_72ki
koriym
benjaminkott
yuukiw00w
kno3a87
sushi0120
orumin
tnishinaga
latte72
mitohato14
jnunemaker
skipperchong
zakiyama
maggiecrowley
destraynor
bluesmoon
soudai
holman
trallard
kevinliebholz
jonrohan
deanohume
