volume of data being written exceeds the storage capacity of the memory buffer. A buffer is a
temporary memory storage region where data is held for faster processing as it moves from one
part of the system to another. Vulnerable code attempts to write beyond the allotted memory
size, thereby compromising the adjacent memory buffer that holds other data since the exploited
Buffer Overflow Attack attempts to exploit this vulnerability by writing past the buffer, thereby
changing the execution path of the program, which may result in overwriting data in the
adjacent data layout and gaining unauthorized access (Imperva, n.d.). Buffer Overflow Attacks are
classified based on the memory region exploited. Stack overflow, which uses stack memory while
a local function is being executed, and heap overflow (the harder to exploit) are 2 of the most
common. Others are integer overflow attacks, where the integer produced is larger than the integer
size, and Unicode overflow attacks, where Unicode characters are larger than the allocated size
(Sari, 2023).
Buffer overflow is a software coding error that poses a serious threat; it is one of the
best-known software security vulnerabilities and remains fairly common. The severity of the
threat stems from the fact that it can occur in various ways using various techniques. Likewise,
these vulnerabilities are common in popular programming languages, such as C/C++, that have no
built-in buffer overflow protection or safeguards against overwriting or accessing data in
memory. The most popular operating systems (Mac OSX, Windows, and Linux) all
use code written in these languages. Exploitation of vulnerable code across all computers using
any of these operating systems would make the impact widespread and could be catastrophic.
Data from recent trends shows that buffer overflow vulnerabilities dominate the area of remote
network penetration vulnerabilities, where anonymous users seek to gain partial or total control
of a host. This is also supported by the list of recent attacks summarized below. Buffer overflows
account for over 10,000 of the known software vulnerabilities, 23% of which are considered
severe. In addition, the attack vector comes across the network, the attack complexity is low,
there is no special privilege or user interaction required for the attack to be successful, and no
workaround currently exists to prevent the attack from occurring. Effective elimination of buffer
overflow vulnerabilities would also eliminate a very large portion of the most serious
security threats. In 2022, the top 10 security vulnerabilities with severe
impacts were mostly critical vulnerabilities that allow for remote code execution on systems. The
(Brandefense, 2023).
A recent Buffer Overflow Attack involved the vulnerability detected in the ping module of the
FreeBSD operating system, assigned the identifier CVE-2022-23093, which could trigger remote
code execution. The ping module reads raw IP packets without accounting for the possible
presence of IP option headers, which could overflow the buffer by up to 40 bytes. Successful
exploitation of the vulnerability could enable an unprivileged actor to obtain the highest
Similar to the ping module vulnerability are the high-impact security vulnerabilities disclosed in
APC Smart-UPS devices that could be abused by remote adversaries as a physical weapon to
access and control them in an unauthorized manner (Lakshmanan, 2022). This vulnerability
allows complete remote access to the device. Considering these devices are deployed as the
emergency backup for mission-critical infrastructure, the impact of the complete takeover can be
dire.
Last in the list of recent Buffer Overflow Attacks were the high-severity flaws in the widely
used cryptography library, which could result in denial-of-service (DoS) and remote code
execution. The severity of this vulnerability is based on the fact that the library is an
open-source implementation of the SSL and TLS protocols used for secure communication in operating
systems and several applications. The vulnerability requires a malformed certificate that is
trusted or signed by a naming authority. In other words, either a CA has signed a malicious
certificate or the application continues certificate verification despite failure to construct a
In conclusion, given that the 10 critical vulnerabilities of 2022 are related to remote
code execution on systems, which is also supported by the recent Buffer Overflow Attacks
examined, where 2 of the 3 result in remote code execution, the severity of the overflow cannot be
overemphasized. As more code gets written, with an estimated 15 to 50 bugs for every 1,000
lines of source code and an estimated 93 billion new lines of code being written every year, this
attack is becoming more prevalent because the majority of applications are written in C and C++,
both of which have no built-in protection against accessing or overwriting data anywhere in
memory. The consequence of a sample attack was rightly described by SentinelOne as follows:
“OpenSSL vulnerability, which is so widely in use and so fundamental to the security of data on
the internet, is one that no organization can afford to overlook” (Lakshmanan, 2022). Also, the
overflow vulnerabilities can be mitigated by performing input validation, enabling runtime
memory protection, avoiding known vulnerable functions, and using memory-safe languages.
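The length check that the ping description above implies, and the input validation named among the mitigations, shown as an added example in C. This is not FreeBSD's code or its patch, and the function names and the zero-filled sample packet are hypothetical. It relies on the IPv4 header-length field (IHL) counting 32-bit words from 5 to 15, so options can add up to 40 bytes to the 20-byte base header.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define IP_MIN_HDR 20u  /* IPv4 header with no options (IHL = 5) */
#define IP_MAX_HDR 60u  /* largest IPv4 header (IHL = 15): 40 bytes of options */

/* Header length in bytes declared by the IHL field, or 0 if the data is
 * not a well-formed IPv4 header that fits inside the received packet. */
size_t ip_header_len(const uint8_t *pkt, size_t pkt_len)
{
    if (pkt == NULL || pkt_len < IP_MIN_HDR) return 0;
    if ((pkt[0] >> 4) != 4) return 0;              /* not IPv4 */
    size_t hlen = (size_t)(pkt[0] & 0x0f) * 4;     /* IHL counts 32-bit words */
    if (hlen < IP_MIN_HDR || hlen > pkt_len) return 0;
    return hlen;
}

/* Bytes that would land past a 20-byte destination if the whole header were
 * copied into a buffer sized on the "no options" assumption. */
size_t overrun_if_options_ignored(const uint8_t *pkt, size_t pkt_len)
{
    size_t hlen = ip_header_len(pkt, pkt_len);
    return hlen > IP_MIN_HDR ? hlen - IP_MIN_HDR : 0;
}

/* Hardened copy: validates IHL against both the packet and the destination.
 * Returns the number of bytes copied, or -1 if the packet is rejected. */
int copy_ip_header(uint8_t *dst, size_t dst_size,
                   const uint8_t *pkt, size_t pkt_len)
{
    size_t hlen = ip_header_len(pkt, pkt_len);
    if (hlen == 0 || dst == NULL || hlen > dst_size) return -1;
    memcpy(dst, pkt, hlen);
    return (int)hlen;
}

/* Constructed sample input: fills buf with a zeroed IPv4 header of the given
 * IHL (options are all zero bytes) and returns the number of bytes written. */
size_t make_sample_packet(uint8_t *buf, size_t buf_size, unsigned ihl)
{
    size_t n = (size_t)ihl * 4;
    if (n == 0 || n > buf_size) return 0;
    memset(buf, 0, n);
    buf[0] = (uint8_t)(0x40 | (ihl & 0x0f));       /* version 4 + IHL */
    return n;
}
```

A destination sized for `IP_MAX_HDR` accepts every valid header, while one sized for `IP_MIN_HDR` makes `copy_ip_header` reject any packet that carries options instead of writing past the buffer.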
References
https://brandefense.io/blog/vulnerability-and-malware-trends-of-2022/
security/buffer-overflow/
https://thehackernews.com/2022/11/just-in-openssl-releases-patch-for-2.html
Lakshmanan, R. (2022). Critical Ping Vulnerability Allows Remote Attackers to Take Over