YoVDO

BadAlloc - Broken Memory Allocators Led to Millions of Vulnerable IoT and Embedded Devices

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Software Development Courses Cybersecurity Courses Embedded Systems Courses Real-Time Operating Systems Courses

Course Description

Overview

Explore a critical class of security vulnerabilities called "BadAlloc" in this 39-minute Black Hat conference talk. Dive into integer-overflow related issues found in popular memory allocators' core functions like malloc and calloc. Learn how these vulnerabilities affect 17 different widely used real-time operating systems, standard C libraries, IoT device SDKs, and self-memory management applications. Discover the impact of BadAlloc on millions of IoT and embedded devices worldwide, with some vulnerabilities dating back to the early 90's. Gain insights from security researchers Omri Ben-Bassat and Tamir Ariel as they present their findings and discuss the implications for device security.

Syllabus

ERROR: BadAlloc! - Broken Memory Allocators Led to Millions of Vulnerable IoT & Embedded Devices (2)


Taught by

Black Hat

Related Courses

Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security Chip
Black Hat via YouTube
Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube
AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube
Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube
Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube