Buffer overflow vulnerabilities in CUDA: a preliminary analysis

被引:17
|
作者
Miele, Andrea [1 ]
机构
[1] Ecole Polytech Fed Lausanne, LACAL, CH-1015 Lausanne, Switzerland
来源
JOURNAL OF COMPUTER VIROLOGY AND HACKING TECHNIQUES | 2016年 / 12卷 / 02期
关键词
17;
D O I
10.1007/s11416-015-0251-1
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We present a preliminary study of buffer overflow vulnerabilities in CUDA software running on GPUs. We show how an attacker can overrun a buffer to corrupt sensitive data or steer the execution flow by overwriting function pointers, e.g., manipulating the virtual table of a C++ object. In view of a potential mass market diffusion of GPU accelerated software this may be a major concern.
引用
收藏
页码:113 / 120
页数:8
相关论文
共 50 条
  • [1] Buffer overflow and format string overflow vulnerabilities
    Lhee, KS
    Chapin, SJ
    [J]. SOFTWARE-PRACTICE & EXPERIENCE, 2003, 33 (05): : 423 - 460
  • [2] Static analysis method for detecting buffer overflow vulnerabilities
    Puchkov, FM
    Shapchenko, KA
    [J]. PROGRAMMING AND COMPUTER SOFTWARE, 2005, 31 (04) : 179 - 189
  • [3] Static Analysis Method for Detecting Buffer Overflow Vulnerabilities
    F. M. Puchkov
    K. A. Shapchenko
    [J]. Programming and Computer Software, 2005, 31 : 179 - 189
  • [4] Precisely detecting buffer overflow vulnerabilities
    Wang, Lei
    Li, Ji
    Li, Bo-Yang
    [J]. Tien Tzu Hsueh Pao/Acta Electronica Sinica, 2008, 36 (11): : 2200 - 2204
  • [5] Defending against Buffer-Overflow Vulnerabilities
    Padmanabhuni, Bindu Madhavi
    Tan, Hee Beng Kuan
    [J]. COMPUTER, 2011, 44 (11) : 53 - 60
  • [6] ASSESSING TEST SUITES FOR BUFFER OVERFLOW VULNERABILITIES
    Shahriar, Hossain
    Zulkernine, Mohammad
    [J]. INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, 2010, 20 (01) : 73 - 101
  • [7] A Combinatorial Approach to Detecting Buffer Overflow Vulnerabilities
    Wang, Wenhua
    Lei, Yu
    Liu, Donggang
    Kung, David
    Csallner, Christoph
    Zhang, Dazhi
    Kacker, Raghu
    Kuhn, Rick
    [J]. 2011 IEEE/IFIP 41ST INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN), 2011, : 269 - 278
  • [8] Automatic Exploit Generation for Buffer Overflow Vulnerabilities
    Xu, Luhang
    Jia, Weixi
    Dong, Wei
    Li, Yongjun
    [J]. 2018 IEEE 18TH INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C), 2018, : 463 - 468
  • [9] Statically detecting likely buffer overflow vulnerabilities
    Larochelle, D
    Evans, D
    [J]. USENIX ASSOCIATION PROCEEDINGS OF THE 10TH USENIX SECURITY SYMPOSIUM, 2001, : 177 - 189
  • [10] PointGuard™:: Protecting pointers from buffer overflow vulnerabilities
    Cowan, C
    Beattie, S
    Johansen, J
    Wagle, P
    [J]. USENIX ASSOCIATION PROCEEDINGS OF THE 12TH USENIX SECURITY SYMPOSIUM, 2003, : 91 - 104
12345