Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Memory Safety and the Future of Vulnerabilities
Search
Andrew Lilley Brinker
April 15, 2025
Programming
0
13
Memory Safety and the Future of Vulnerabilities
Presented at the Cal Poly Pomona SWIFT Tech Symposium 2025.
Andrew Lilley Brinker
April 15, 2025
Tweet
Share
More Decks by Andrew Lilley Brinker
See All by Andrew Lilley Brinker
Hello and Welcome: Documentation in the Rust Ecosystem
alilleybrinker
0
6
A Tale of Teaching Rust
alilleybrinker
0
5
Efficient Nimber Calculation in Dots and Boxes
alilleybrinker
0
96
Other Decks in Programming
See All in Programming
Kotlin エンジニアへ送る:Swift 案件に参加させられる日に備えて~似てるけど色々違う Swift の仕様 / from Kotlin to Swift
lovee
1
260
C++20 射影変換
faithandbrave
0
560
都市をデータで見るってこういうこと PLATEAU属性情報入門
nokonoko1203
1
590
datadog dash 2025 LLM observability for reliability and stability
ivry_presentationmaterials
0
450
Railsアプリケーションと パフォーマンスチューニング ー 秒間5万リクエストの モバイルオーダーシステムを支える事例 ー Rubyセミナー 大阪
falcon8823
5
1.1k
20250704_教育事業におけるアジャイルなデータ基盤構築
hanon52_
5
640
Node-RED を(HTTP で)つなげる MCP サーバーを作ってみた
highu
0
120
Azure AI Foundryではじめてのマルチエージェントワークフロー
seosoft
0
150
A full stack side project webapp all in Kotlin (KotlinConf 2025)
dankim
0
100
PHP 8.4の新機能「プロパティフック」から学ぶオブジェクト指向設計とリスコフの置換原則
kentaroutakeda
2
740
来たるべき 8.0 に備えて React 19 新機能と React Router 固有機能の取捨選択とすり合わせを考える
oukayuka
2
890
High-Level Programming Languages in AI Era -Human Thought and Mind-
hayat01sh1da
PRO
0
720
Featured
See All Featured
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
2.9k
Build your cross-platform service in a week with App Engine
jlugia
231
18k
Into the Great Unknown - MozCon
thekraken
39
1.9k
Done Done
chrislema
184
16k
Scaling GitHub
holman
459
140k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
The Language of Interfaces
destraynor
158
25k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.4k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
48
2.9k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
810
Transcript
Memory safety and the future of vulnerabilities A talk by
Andrew Lilley Brinker Approved for Public Release; Distribution Unlimited. Public Release Case Number 251031. The author’s affiliation with The MITRE Corporation is provided for identification purposes only, and is not intended to convey or imply MITRE’s concurrence with, or support for, the positions, opinions, or viewpoints expressed by the author. ©2025 The MITRE Corporation. ALL RIGHTS RESERVED.
I’m Andrew Principal Cyber Security Engineer MITRE Rustacean for
11 years I am not speaking for MITRE today.
What is memory safety?
What kinds of weaknesses? 1 buffer overflow 1. null pointer
dereference 2. use after free 3. use of uninitialized memory 4. illegal free (of an already-freed pointer, or a non- malloced pointer) 5. Michael Hicks, “What is memory safety,” http://www.pl-enthusiast.net/2014/07/21/memory-safety/ 1.
Or, this bigger list The Common Weakness Enumeration CWE
Memory Safety category
Spatial Memory Safety Out-of-bounds accesses Reads or writes, under or
over 1 Yoshua Wuyts, “What are temporal and spatial memory safety?” https://blog.yoshuawuyts.com/temporal-spatial-memory- safety/ 1.
Heartbleed was a spatial memory safety vulnerability
Why is that bad? Client: heartbeat “Hello” length 1,000 bytes
Server: heartbeat “HellobfsfhgafSocial Security Number 123456789…”
But Wait, There’s More! This is “Smashing the Stack
for Fun and Profit”
Temporal Memory Safety Use after free Use of uninitialized memory
Double-free
Memory safety is when these problems don’t happen Memory safe
languages stop memory safety problems
What languages are memory safe? From “The Case for
Memory Safe Roadmaps” Published by CISA, NSA, FBI, ASD’s ACSC, CCCS, NCSCUK, NCSCNZ, CERTNZ
Which ones aren’t? C and C
None
Rust 1.0 was May 15, 2015 Also the day of
my first date with my wife)
9 years later… The White House publishes this…
The govt. asked for input CISA / ONCD /
NSF / DARPA / OMB Request for Input RFI on open source software OSS security.
In the responses… Microsoft, Google, Cloudflare, GitHub, IBM, and many
others recommend moving to memory safe languages.
The move to memory safe languages is happening What does
this mean for vulnerabilities?
Let’s look at the CWE Top 25! In 2024 20%
are memory safety related – 35% known-exploited are memory safety related –
We’ll always have… Bad authentication / authorization – Bad neutralization
of user input – Resource exhaustion But what else? –
Micro- architectural vulnerabilities
Spectre and Meltdown Spectre: trick branch predictor into leaking data
Meltdown: read memory faster than the privilege check, then recover data from cache
These affected every Intel processor from 1995 to 2018
The hits start coming and they don’t stop coming Spectre,
Meltdown, Spectre-NG, SpectreRSB, Foreshadow, Zombieload, CROSStalk, Phantom, Zenbleed, Inception, Downfall
And it’s not just Intel! That’s from this year!
Turns out Apple CPUs since the M2 / A15 have a Load Address Predictor and Load Value Predictor. Oh no!
Problem: how to have fast processors that aren’t full of
speculative execution vulnerabilities
Cryptographic vulnerabilities
Cryptography libraries are better than they used to be
But… Primitives being correct doesn’t mean a protocol is secure
We need post-quantum cryptography Harvest now, decrypt later
Problem: many existing protocols can’t easily adapt to post-quantum cryptography
Supply Chain Vulnerabilities
Code reuse is good!
But: xz-utils Last year we narrowly avoided the worst open
source software supply chain attack in history.
Seriously, go read the story of this attack. Russ
Cox, co-creator of the Go programming language, has a great timeline
More commonly, we have stuff like this… Also: Typosquatting –
Malicious contributions – Account takeovers – Token reuse –
Conclusions
Memory safety vulns won’t disappear But they will become less
common
There’s still a lot to secure
Be Curious!
How to Reach Me Bluesky: LinkedIn: @alilleybrinker.com @alilleybrinker