Vasileios Kemerlis<p>📢 Last week, Brown Secure Systems Lab (SSL, <a href="https://gitlab.com/brown-ssl/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gitlab.com/brown-ssl/</span><span class="invisible"></span></a>) was at the IEEE Symposium on Security and Privacy (S&P) 2025, where we presented our latest work on hardening OS kernels against attacks that (ab)use heap-based memory-safety vulnerabilities. <a href="https://infosec.exchange/tags/IUBIK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IUBIK</span></a> leverages memory tagging (MTE) and pointer authentication (PA), available in <a href="https://infosec.exchange/tags/ARM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ARM</span></a> CPUs, to efficiently and effectively isolate attacker-controlled input from security-critical data in the kernel heap.</p><p>👏 Kudos to Marius Momeu (leading author) who did a terrific job presenting our paper -- joint work with Alexander Gaidis (Brown University) and Jasper von der Heidt (Technical University of Munich).</p><p>✳️ Paper: <a href="https://cs.brown.edu/~vpk/papers/iubik.sp25.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cs.brown.edu/~vpk/papers/iubik</span><span class="invisible">.sp25.pdf</span></a> </p><p>💾 Code: <a href="https://github.com/tum-itsec/iubik" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/tum-itsec/iubik</span><span class="invisible"></span></a> (coming soon)</p><p><a href="https://infosec.exchange/tags/iubik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iubik</span></a> <a href="https://infosec.exchange/tags/mte" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mte</span></a> <a href="https://infosec.exchange/tags/pac" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pac</span></a> <a href="https://infosec.exchange/tags/acm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>acm</span></a> <a href="https://infosec.exchange/tags/brownssl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>brownssl</span></a> <a href="https://infosec.exchange/tags/browncs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>browncs</span></a> <a href="https://infosec.exchange/tags/ieeesp2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ieeesp2025</span></a></p>