Mitigating Use-after-Free Attack Using Library Considering Size and Number of Freed Memory

Use-after-free (UAF) vulnerabilities, which are abused by exploiting a dangling pointer that refers to a freed memory, execute an arbitrary code. The vulnerability is caused by bug in a program. In particular, it is contained in a large scale program such as browser. HeapRevolver [1] [2], which prohibits freed memory area from being reused for a certain period, has been proposed. HeapRevolver in Windows uses the number of the freed memory areas for prohibiting as a trigger to release the freed memory area. In other words, HeapRevolver uses the number of the freed memory areas as a threshold for releasing. However, when the size of individual freed memory areas is large, the HeapRevolver on Windows increases the memory overhead. In this paper, we propose improved HeapRevolver for Windows considering the size and number of the freed memory areas. Improved HeapRevolver enables to prohibit the reuse of the certain number of the freed memory areas at any time via the size and number of the freed memory areas as a threshold. The evaluation results show that the improved HeapRevolver can prevent attacks that exploiting UAF vulnerabilities. In particular, when the size of individual freed memory areas is small in the programs, it is effective to decrease the attack success rate

Mitigating Use-After-Free Attacks Using Memory-Reuse-Prohibited Library

Recently, there has been an increase in use-after-free (UAF) vulnerabilities, which are exploited using a dangling pointer that refers to a freed memory. In particular, large-scale programs such as browsers often include many dangling pointers, and UAF vulnerabilities are frequently exploited by drive-by download attacks. Various methods to prevent UAF attacks have been proposed. However, only a few methods can effectively prevent UAF attacks during runtime with low overhead. In this paper, we propose HeapRevolver, which is a novel UAF attackprevention method that delays and randomizes the timing of release of freed memory area by using a memory-reuse-prohibited library, which prohibits a freed memory area from being reused for a certain period. The first condition for reuse is that the total size of the freed memory area is beyond the designated size. The threshold for the conditions of reuse of the freed memory area can be randomized by HeapRevolver. Furthermore, we add a second condition for reuse in which the freed memory area is merged with an adjacent freed memory area before release. Furthermore, HeapRevolver can be applied without modifying the target programs. In this paper, we describe the design and implementation of HeapRevolver in Linux and Windows, and report its evaluation results. The results show that HeapRevolver can prevent attacks that exploit existing UAF vulnerabilities. In addition, the overhead is small

Empagliflozin in Patients with Chronic Kidney Disease

Background The effects of empagliflozin in patients with chronic kidney disease who are at risk for disease progression are not well understood. The EMPA-KIDNEY trial was designed to assess the effects of treatment with empagliflozin in a broad range of such patients. Methods We enrolled patients with chronic kidney disease who had an estimated glomerular filtration rate (eGFR) of at least 20 but less than 45 ml per minute per 1.73 m(2) of body-surface area, or who had an eGFR of at least 45 but less than 90 ml per minute per 1.73 m(2) with a urinary albumin-to-creatinine ratio (with albumin measured in milligrams and creatinine measured in grams) of at least 200. Patients were randomly assigned to receive empagliflozin (10 mg once daily) or matching placebo. The primary outcome was a composite of progression of kidney disease (defined as end-stage kidney disease, a sustained decrease in eGFR to < 10 ml per minute per 1.73 m(2), a sustained decrease in eGFR of & GE;40% from baseline, or death from renal causes) or death from cardiovascular causes. Results A total of 6609 patients underwent randomization. During a median of 2.0 years of follow-up, progression of kidney disease or death from cardiovascular causes occurred in 432 of 3304 patients (13.1%) in the empagliflozin group and in 558 of 3305 patients (16.9%) in the placebo group (hazard ratio, 0.72; 95% confidence interval [CI], 0.64 to 0.82; P < 0.001). Results were consistent among patients with or without diabetes and across subgroups defined according to eGFR ranges. The rate of hospitalization from any cause was lower in the empagliflozin group than in the placebo group (hazard ratio, 0.86; 95% CI, 0.78 to 0.95; P=0.003), but there were no significant between-group differences with respect to the composite outcome of hospitalization for heart failure or death from cardiovascular causes (which occurred in 4.0% in the empagliflozin group and 4.6% in the placebo group) or death from any cause (in 4.5% and 5.1%, respectively). The rates of serious adverse events were similar in the two groups. Conclusions Among a wide range of patients with chronic kidney disease who were at risk for disease progression, empagliflozin therapy led to a lower risk of progression of kidney disease or death from cardiovascular causes than placebo