An empirical study on use-after-free vulnerabilities

Date
2019
Publisher
University of Delaware
Abstract
For many years, use-after-free vulnerabilities have been a persistent security threat to kernels, operating systems, and user-level applications written in programming languages that are not memory safe. When left unchecked, use-after-free (UAF) vulnerabilities can be unintentionally introduced, difficult for developers to discover, and very dangerous when exploited by attackers. To assess the scope of the UAF security threat, this study has analyzed 36 previously discovered UAF vulnerabilities that occurred in the Linux kernel and the Mozilla Firefox web browser. Through this analysis, it was found that UAFs can frequently lead to the creation of severe attacks when exploited. In the most common case, almost 81% of the analyzed UAF vulnerabilities allowed for the possibility of a denial of service attack when exploited. It was also observed that 44% of the vulnerabilities could allow for arbitrary code execution if exploited. The security patches used to remove 13 UAF vulnerabilities in the Linux kernel were also analyzed, and it was found that these patches can require significant code changes to fully remove the vulnerabilities.

Based on the results of this study, it is evident that better tools for detecting UAF vulnerabilities need to be developed for the effective mitigation and prevention of this long-term security threat. It is hoped that the results of this study will be used as the basis for future investigations on the nature of UAF vulnerabilities and for the development of new testing tools for UAF discovery and prevention.