Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
Shencha Fan
Network and Distributed System Security (NDSS) Symposium 2025 · Day 1 · Network Security 1
This article delves into "Wallbleed," a significant memory disclosure vulnerability discovered in the **Great Firewall of China (GFW)**'s DNS injection system. Presented at the NDSS Symposium by Shencha Fan (who introduced himself as Jackson), this research uncovers a critical flaw that allowed researchers to leak sensitive network traffic and internal system information from the GFW's infrastructure. The talk highlights how a seemingly minor manipulation of a DNS query's length field could lead to the exposure of hundreds of gigabytes of data, impacting not only users within China but also individuals connecting through its network perimeter globally.
AI review
Wallbleed is exactly the kind of research that makes conference committees look smart for accepting it: a real memory disclosure bug in one of the most opaque and consequential network systems on the planet, backed by hundreds of gigs of empirical data, reverse-engineered code, and a controlled live-leakage PoC. This isn't GFW speculation or policy theater — it's a Heartbleed-class finding against a nation-state censor, with architectural intelligence as a side effect.