Address Space Layout Randomization (ASLR) is a security mechanism used by operating systems to randomize the memory addresses used by key areas of processes; it makes it hard for attackers to find the memory location where they could inject their malicious code.
ASLR is particularly effective against stack and heap overflows and is able to prevent arbitrary code execution triggered by any other buffer overflow vulnerability. The security measure is present in almost every modern operating system, including Windows, Linux, macOS, and Android.
The VUSec group of security researchers (Vrije University in the Netherlands) has discovered a bug in a chip that could be exploited to bypass ASLR protection, exposing millions of devices to cyber attacks, and the bad news is that the flaw cannot be fixed with a software update.
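As an added illustration (not from the original article), the following Python check compares the memory maps of two runs of the same program to show which regions ASLR moved and which stayed at a predictable address. The maps excerpts, the `/opt/demo/app` path and the function names are constructed for the example, which assumes the Linux `/proc/<pid>/maps` format.

```python
import re

# Constructed /proc/<pid>/maps excerpts from two runs of the same hypothetical
# non-PIE program (sample data, not captured from a real system).
RUN_A = """\
00400000-00401000 r-xp 00000000 08:01 131 /opt/demo/app
01c3d000-01c5e000 rw-p 00000000 00:00 0 [heap]
7f3a1c200000-7f3a1c3c0000 r-xp 00000000 08:01 977 /lib/x86_64-linux-gnu/libc.so.6
7ffd4e1a0000-7ffd4e1c1000 rw-p 00000000 00:00 0 [stack]
"""
RUN_B = """\
00400000-00401000 r-xp 00000000 08:01 131 /opt/demo/app
0093b000-0095c000 rw-p 00000000 00:00 0 [heap]
7f91e8600000-7f91e87c0000 r-xp 00000000 08:01 977 /lib/x86_64-linux-gnu/libc.so.6
7ffc0b2f3000-7ffc0b314000 rw-p 00000000 00:00 0 [stack]
"""

# Fields: start-end, perms, offset, dev, inode, optional name.
LINE = re.compile(r"^([0-9a-f]+)-[0-9a-f]+\s+\S+\s+\S+\s+\S+\s+\S+\s*(.*)$")

def parse_maps(text):
    """Return {region name: lowest start address} for named mappings."""
    bases = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m or not m.group(2):
            continue  # skip malformed lines and anonymous mappings
        start, name = int(m.group(1), 16), m.group(2)
        bases[name] = min(start, bases.get(name, start))
    return bases

def compare_runs(maps_a, maps_b):
    """Map each region seen in both runs to True if its base address moved."""
    a, b = parse_maps(maps_a), parse_maps(maps_b)
    return {name: a[name] != b[name] for name in a if name in b}

def fixed_regions(maps_a, maps_b):
    """Regions whose base was identical in both runs: predictable despite ASLR."""
    return sorted(n for n, moved in compare_runs(maps_a, maps_b).items() if not moved)

if __name__ == "__main__":
    for name, moved in compare_runs(RUN_A, RUN_B).items():
        print(f"{'randomized' if moved else 'FIXED     '}  {name}")
```

In the constructed data the executable itself stays at the same base in both runs, which is what a binary built without position-independent code looks like even when the operating system has ASLR enabled.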
The experts of the VUSec have devised an attack technique, dubbed ASLR Cache or AnC, that can bypass ASLR protection on at least 22 processor micro-architectures from popular vendors. Chips of major vendors like Intel, AMD, ARM, Allwinner, Nvidia, and others are affected by the flaw.
VUSec notified all the affected chip vendors and software firms, including Intel, AMD, Samsung, Nvidia, Microsoft, Apple, Google, and Mozilla, more than three months ago.
A user can be hacked by simply visiting a malicious website.
The memory management unit (MMU) is tasked with mapping the memory allocation of programs; it constantly checks the page table to keep track of the memory addresses assigned to the applications.
The page table is usually stored in the CPU’s cache to improve performance, but the directory also shares some of its cache with untrusted applications, including web browsers.
Once the memory addresses are obtained, the attacker can map portions of the memory and launch further attacks, for example injecting malicious exploit code, escalating access to the operating system, and taking complete control of a machine.
The flaws related to the AnC attacks are tracked with the following CVE identifiers:
(Security Affairs – hacking, ASLR Protection)