A small security research group with a solid background. We do research to solve real problems with real solutions.

Honors & Awards


IBM Country Projects (July 2016)

The project "Address space layout randomization (ASLR) for Linux S390" was awarded by IBM under its Country Projects initiative.

The goal of the project is to improve the security of the well-known ASLR (Address Space Layout Randomization) protection technique by substantially increasing the effective entropy of the memory layout through novel randomization strategies.

This work is part of the PhD thesis of Hector Marco.


Google Patch Reward Program (March 2016)

Google rewarded us for a Linux kernel fix that removes a way for unprivileged users to disable ASLR for 32-bit applications.

Any user able to run 32-bit applications on an x86 machine could disable ASLR by setting the RLIMIT_STACK resource limit to unlimited (ulimit -s unlimited in a shell). This was a problem when the process being executed was privileged (i.e. a setuid/setgid executable), since it then ran with a deterministic memory layout under the attacker's control.

With the fix, ASLR can no longer be disabled this way.


Google Patch Reward Program (September 2015)

Google rewarded us for the Offset2lib weakness fix in the Linux kernel.

The ASLR design had a weakness that allowed attackers to de-randomize (i.e. effectively bypass ASLR for) shared objects (libraries) by pivoting from application code: the libraries were mapped at a fixed distance from the executable, so leaking a single application address revealed where every library was loaded.

This is another step to improve the security of Linux systems.


Google Patch Reward Program (August 2015)

Google rewarded us for the Linux ASLR integer overflow fix, which increases the stack entropy of processes by a factor of four (two additional random bits).

This patch improves the security of all Linux processes transparently.

The issue is that the stack of processes was not properly randomized on 64-bit architectures due to an integer overflow: the random stack offset was computed in a 32-bit variable too narrow to hold the shifted value, so its two most significant bits were silently dropped. The security issue had been present in all Linux kernel versions since April 2005; the fix has been included in Linux 4.0.


Google Patch Reward Program (July 2015)

Google rewarded us for the AMD Bulldozer ASLR security contribution to the Linux kernel.

This problem was identified by AMD in 2012 in a white paper called "Shared Level-1 instruction-cache performance on AMD family 15h CPUs". In this paper, they proposed five solutions and workarounds. Unfortunately, the final patch that they proposed and implemented in the Linux kernel reduced the entropy of the ASLR (on the AMD 15h family) by 87.5%, i.e. it removed three bits of randomness from the affected mappings.

We were rewarded for the novel bit-slicing randomization technique, which is one of the new elements of the ASLR-NG for Linux we are working on.




Packet Storm Security Bug Bounty (Dec. 2014)

Packet Storm Security awarded us for our discovery of the Offset2Lib weakness.

The offset2lib is a design weakness of the ASLR (Address Space Layout Randomization) of Linux. We demonstrated how to bypass the Linux ASLR on 64-bit systems in less than one second. We also proposed a solution that fixes the offset2lib weakness, which has been rewarded by Google.

This weakness has been ranked as a 1-day vulnerability.
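As an added example (this is not the group's code, and the /proc/<pid>/maps dumps, file paths and addresses in it are constructed for illustration), the following Python tool applies the two checks a practitioner would want for the weaknesses described on this page to maps dumps gathered from repeated runs of the same binary: how many address bits of each region actually change between runs (a lower bound on its entropy; the stack entropy restored by the integer overflow fix shows up here as more changing bits in [stack], and a process started under the RLIMIT_STACK=unlimited condition shows up as zero changing bits), and whether libc sits at a constant distance from the executable, which is exactly the offset2lib condition that lets one leaked application address de-randomize the libraries.

```python
"""Measure ASLR effectiveness from /proc/<pid>/maps dumps collected over
several runs of the same binary.

Added example, not the research group's code.  The sample dumps at the
bottom are constructed (addresses and paths are illustrative).
"""
import re
import subprocess
from collections import defaultdict

# start-end perms offset dev inode [path]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s*(.*)$")


def parse_maps(text):
    """Return {label: start address} for one maps dump.

    'exe'   -> first file-backed mapping (the main executable)
    'libc'  -> first mapping whose file name contains 'libc'
    '[stack]', '[heap]', ... -> kernel-named regions
    Other shared objects and anonymous mappings are ignored.
    """
    bases = {}
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        start, path = int(m.group(1), 16), m.group(7).strip()
        if not path:
            continue                      # anonymous mapping
        if path.startswith("["):
            label = path
        elif "libc" in path.rsplit("/", 1)[-1]:
            label = "libc"
        elif "exe" not in bases:
            label = "exe"
        else:
            continue                      # other shared objects
        bases.setdefault(label, start)    # keep the lowest segment
    return bases


def varying_bits(addrs):
    """Count address bits that differ between at least two samples.

    This is a lower bound on the randomised bits: a truly random bit stays
    constant across n samples with probability 2**(1-n), so collect a few
    dozen runs for a reliable figure.
    """
    diff = 0
    for a in addrs[1:]:
        diff |= a ^ addrs[0]
    return bin(diff).count("1")


def analyse(dumps):
    """dumps: list of maps texts, one per run of the same binary."""
    per_region = defaultdict(list)
    for text in dumps:
        for label, addr in parse_maps(text).items():
            per_region[label].append(addr)
    report = {label: varying_bits(a) for label, a in per_region.items()}
    if "exe" in per_region and "libc" in per_region:
        offsets = {l - e for e, l in zip(per_region["exe"], per_region["libc"])}
        # A constant exe->libc distance is the offset2lib condition.
        report["offset2lib"] = len(offsets) == 1
    return report


def collect_dumps(runs=32):
    """Collect maps dumps from `runs` fresh processes (Linux only)."""
    return [subprocess.run(["cat", "/proc/self/maps"], capture_output=True,
                           text=True, check=True).stdout for _ in range(runs)]


def _dump(exe, libc, stack):
    """Build a minimal constructed maps dump with the given base addresses."""
    return "\n".join([
        f"{exe:x}-{exe + 0x1000:x} r-xp 00000000 08:01 1234 /usr/bin/demo",
        f"{exe + 0x2000:x}-{exe + 0x3000:x} rw-p 00001000 08:01 1234 /usr/bin/demo",
        f"{libc:x}-{libc + 0x1c0000:x} r-xp 00000000 08:01 5678 /lib/x86_64-linux-gnu/libc.so.6",
        f"{libc + 0x1c4000:x}-{libc + 0x1c8000:x} rw-p 001c0000 08:01 5678 /lib/x86_64-linux-gnu/libc.so.6",
        f"{stack:x}-{stack + 0x21000:x} rw-p 00000000 00:00 0 [stack]",
    ])


# Constructed pre-fix layout: the executable is placed in the library area
# and libc sits at a fixed distance (0x192000 here); the block moves as a whole.
VULNERABLE_RUNS = [
    _dump(0x7f1a2b3c4000, 0x7f1a2b3c4000 + 0x192000, 0x7ffc12345000),
    _dump(0x7f0011223000, 0x7f0011223000 + 0x192000, 0x7ffd9abcd000),
    _dump(0x7fabcdef0000, 0x7fabcdef0000 + 0x192000, 0x7fff0000a000),
]
# Constructed post-fix layout: the executable lives in its own randomised
# region, independent of where the libraries land.
FIXED_RUNS = [
    _dump(0x55d4a1b20000, 0x7f3c10a00000, 0x7ffc12345000),
    _dump(0x5602c3d40000, 0x7f9e6b200000, 0x7ffd9abcd000),
    _dump(0x55a0ffe10000, 0x7f1122334000, 0x7fff0000a000),
]

if __name__ == "__main__":
    print("vulnerable:", analyse(VULNERABLE_RUNS))
    print("fixed:     ", analyse(FIXED_RUNS))
```

On a real system, call `analyse(collect_dumps())` (or feed it dumps of a 32-bit test binary started after `ulimit -s unlimited` to reproduce the RLIMIT_STACK case); three constructed runs are enough to show the offset2lib flag flipping, but measuring stack entropy needs enough runs that the high bits have a chance to toggle.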


