Watch a conference presentation from USENIX Security '24 exploring BUDAlloc, a one-time allocator designed to detect and prevent use-after-free vulnerabilities in unmodified binaries. Learn how researchers from KAIST developed a solution that co-designs user-level allocation with kernel functionality by separating virtual and physical address management. Discover how BUDAlloc's approach eliminates system calls when creating virtual aliases and customizes the kernel page fault handler with eBPF to batch unmap requests when objects are freed. Examine the performance improvements achieved, including 15% better performance than DangZero and 61% reduced memory overhead compared to FFmalloc when tested with SPEC CPU 2017.
Overview
Syllabus
USENIX Security '24 - BUDAlloc: Defeating Use-After-Free Bugs by Decoupling Virtual Address...
Taught by
USENIX