Abstract
Bugs or errors in handling memory allocation and deallocation can lead to use-after-free (UAF) vulnerabilities. Such cases involve programs accessing memory locations that have been freed by deallocation. Malicious actors try to exploit UAF vulnerabilities to cause various adverse effects with potentially severe operational consequences. This disclosure presents an alternative protection approach by replacing the use of a single memory heap with multiple policy-limited memory heaps. At runtime, each of the distinct memory heaps can be randomly assigned a policy to limit the type(s) of objects that can exist within it. The random policy assignment reduces the likelihood of malicious actors being able to exploit UAF vulnerabilities to inject their desired objects in deallocated memory from 100% to 1/N%, where N is the number of policy-limited memory heaps in operation.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Mason, Joshua, "Protecting Against Use-After-Free Exploits with Multiple Policy-limited Memory Heaps", Technical Disclosure Commons, (June 04, 2025)
https://www.tdcommons.org/dpubs_series/8198