We’re pleased to announce that The Good Penguin has recently been awarded funding from Innovate UK to establish and operate a CHERI tools and software hub. What is CHERI? CHERI, or Capability Hardware Enhanced RISC Instructions, is an open, formally proven set of microprocessor architectural extensions that add strong, fine-grained memory-safety guarantees to existing Instruction …
Tag: Cheri
Exploring CHERI, RISC-V Linux Ecosystem
We’ve covered CHERI, and our involvement with the development of the ARM Morello yocto layer before, so for those who aren’t aware of what it is we recommend looking back through our previous blog posts on Introducing ARM Morello and CHERI, and Linux Yocto layer for the ARM Morello board, CHERI (Capability Hardware Enhanced RISC …
Exploiting a Buffer Overflow Vulnerability for Remote Code Execution in Nginx
Protecting devices from malicious use is often a cat-and-mouse game between security researchers identifying software vulnerabilities (CVEs) and product-makers patching them before attackers can exploit them. As a result, devices can no longer be developed, shipped and forgotten. Instead, manufacturers must commit to keeping those devices up to date and free from critical vulnerabilities for …
Baking Android for ARM Morello without Morello
Access to ARM Morello boards is fairly limited at the moment, but we can still explore the new architecture with the help of a Fixed Virtual Platform (FVP) and software stack packages that are available from ARM. In a previous blog post we provided an introduction to Arm Morello and CHERI. In this post we’re …
Introducing Arm Morello and CHERI
Most serious errors and security threats in software originate from pointer overflows, pointer overwrite and memory miss-management. This causes invalid/un-authorised memory addresses to be interpreted as valid references which in turn results in applications accessing restricted or unavailable memory. Such access can be exploited by an attacker to inject malicious data into memory, take control …