Stack pivot exploit detection and mitigation

Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various "checkpoints" may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution...

Full description

Saved in:
Bibliographic Details
Main Author Sandoval, Andrew
Format Patent
LanguageEnglish
Published 18.06.2024
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
INVESTIGATING OR ANALYSING MATERIALS BY DETERMINING THEIRCHEMICAL OR PHYSICAL PROPERTIES
MEASURING
PERFORMING OPERATIONS
PHYSICAL OR CHEMICAL PROCESSES OR APPARATUS IN GENERAL
PHYSICS
SEPARATION
TESTING
TRANSPORTING
Online AccessGet full text

Cover

More Information
Summary:Examples of the present disclosure describe systems and methods for detecting and mitigating stack pivoting exploits. In aspects, various "checkpoints" may be identified in software code. At each checkpoint, the current stack pointer, stack base, and stack limit for each mode of execution may be obtained. The current stack pointer for each mode of execution may be evaluated to determine whether the stack pointer falls within a stack range between the stack base and the stack limit of the respective mode of execution. When the stack pointer is determined to be outside of the expected stack range, a stack pivot exploit is detected and one or more remedial actions may be automatically performed.
Bibliography:Application Number: US202318158621