Jump to content



Recommended Posts

Has anyone had the opportunity to play with any CHERI-capable gear yet? https://msrc-blog.microsoft.com/2022/01/20/an_armful_of_cheris/

By my understanding it will turn many forms of memory safety bugs into a safe crash even for existing buggy C code.


CheriABI provides complete object-granularity (and, potentially, field- or array-element-granularity) spatial memory safety. Composed with other existing mitigations, our prior analysis showed that this would have deterministically prevented around 43% of vulnerabilities submitted to MSRC in 2019. Compartmentalization could further limit the damage that an attacker could do with some of these vulnerabilities. Our ongoing work, in collaboration with the University of Cambridge and SRI, on CHERI heap temporal safety would increase this to almost 70%.

Edited by arcsinx
linkify link, if it will let me
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...