vulnerabilities induced by migrating to 64-bit platforms

Talk about internet security, computer security, personal security, your social security number...
Post Reply
morganism
Senior Member
Posts: 116
Joined: Tue Nov 26, 2013 9:44 pm

vulnerabilities induced by migrating to 64-bit platforms

Post by morganism » Thu Nov 17, 2016 7:34 pm

You could see this coming, but now they have a model to use in the search

https://blog.acolyer.org/2016/11/17/twice-the-bits-twice-the-trouble-vulnerabilities-induced-by-migrating-to-64-bit-platforms/

"Many software vulnerabilities are rooted in subtleties of correctly processing integers, in particular, if these integers determine the size of memory buffers or locations in memory. Leveraging these flaws, an attacker can trigger buffer overflows, write to selected memory locations, or even execute arbitrary code. "

"They did also find genuine vulnerabilities among those issues, in every single area the theory predicted they might exist. These include vulnerabilities in high profile projects such as Google’s Chromium, the GNU C Library, the Linux Kernel, and the Boost C++ Libraries. The paper contains case studies in each of these areas."
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20130410 Firefox/23.0

Post Reply