Conference logo

Memory Deduplication: The Curse that Keeps on Giving - Ben Gras, Kaveh Razavi, brainsmoke, Antonio Barresi

33c3 - Security - 12/29/2016

We are 4 security researchers who have collectively worked on 3 different attack techniques that all (ab)use memory deduplication in one way or another. There is a cross-vm data leak attack, a cross-vm data write attack, and an in-sandbox (MS Edge) Javascript data leak + full memory read/write attack based in MS Edge.

In this talk we detail how memory deduplication works and the many different ways it is exploited in our attacks.

Share this talk:
https://c3stream.de/Info?guid=4c92b3f4-e32a-483b-9e5f-4e8201849284