Overview
Explore a cutting-edge security research presentation on WarpAttack, a novel technique for bypassing Control Flow Integrity (CFI) through compiler-introduced double-fetches. Delve into the findings of researchers from Nanjing University and EPFL as they uncover vulnerabilities in compiler optimizations that can be exploited to circumvent CFI protections. Learn about the intricacies of double-fetch bugs, their potential impact on system security, and the implications for current CFI implementations. Gain insights into the researchers' methodology, experimental results, and proposed mitigation strategies for enhancing the robustness of CFI mechanisms against this newly discovered attack vector.
Syllabus
WarpAttack: Bypassing CFI through Compiler-Introduced Double-Fetches
Taught by
IEEE Symposium on Security and Privacy