Efficient Use-After-Free Prevention with Opportunistic Page-Level Sweeping
Chanyoung Park
Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Systems & Containers
In this insightful talk, Chanyoung Park introduced **HUSHVAC**, a novel and highly efficient approach to preventing **use-after-free (UAF)** vulnerabilities in software utilizing manual memory management, predominantly C and C++. The UAF vulnerability remains a critical security threat, allowing attackers to exploit dangling pointers to freed memory, leading to severe consequences such as privilege escalation, arbitrary code execution, or information leakage. Despite decades of research and mitigation efforts, a truly universal and efficient solution has remained elusive, often requiring significant performance trade-offs.