Agencies urge the software industry to eliminate these vulnerabilities through the use of secure programming languages and better development practices.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a joint alert under the Secure by Design initiative, highlighting the severity of buffer overflow vulnerabilities, one of the security flaws most frequently exploited by malicious actors.
Buffer overflow vulnerabilities, categorized under the CWE-119 classification, allow attackers to read from or write to parts of a system’s memory they should not be able to reach. Such errors can lead to data corruption, exposure of sensitive information, execution of malicious code, and full control of the system.
Despite the existence of effective methodologies to prevent these vulnerabilities, many manufacturers continue to use insecure development practices, posing a significant risk to national and economic security. For this reason, CISA and the FBI urge the software industry to take concrete steps to eliminate such flaws in their products from the design phase.
Major risks of buffer overflows
There are two main types of buffer overflows:
- Stack-based overflows (CWE-121): Occur when a program writes more data into a buffer on the stack than it can hold, overwriting adjacent critical information.
- Heap-based overflows (CWE-122): Occur when a program writes past the end of a dynamically allocated (heap) buffer, which can corrupt adjacent data and compromise system stability.
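The stack-based case above, as an added illustration that is not part of the CISA/FBI alert: a fixed-size stack buffer filled with an unchecked copy, beside the hardened form that checks the input length against the destination size before writing anything. The buffer size, function names and the two inputs are constructed for this example; the same length-before-write check applies to heap buffers.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16   /* destination buffer size, including the NUL */

/* Vulnerable pattern (CWE-121): strcpy copies until it finds a NUL, so any
   input longer than NAME_MAX - 1 bytes writes past 'name' into the rest of
   the stack frame. Shown for contrast only; never called. */
void greet_unsafe(const char *input) {
    char name[NAME_MAX];
    strcpy(name, input);            /* no bound check */
    printf("Hello, %s\n", name);
}

/* Hardened form: the input length is checked against the destination size
   before any byte is written. Oversized input is rejected, not silently
   truncated, so the caller can log it. Returns 0 on success, -1 if it does not fit. */
int copy_bounded(char *dst, size_t dst_size, const char *src) {
    if (dst_size == 0) return -1;
    /* Look for the terminator within dst_size bytes only, so the scan
       itself never reads further than the destination could hold. */
    const char *end = memchr(src, '\0', dst_size);
    if (end == NULL) {              /* src is at least dst_size bytes long */
        dst[0] = '\0';              /* leave dst in a known state */
        return -1;
    }
    memcpy(dst, src, (size_t)(end - src) + 1);   /* +1 copies the NUL */
    return 0;
}

int greet_safe(const char *input) {
    char name[NAME_MAX];
    if (copy_bounded(name, sizeof name, input) != 0) {
        fprintf(stderr, "rejected: name longer than %d bytes\n", NAME_MAX - 1);
        return -1;
    }
    printf("Hello, %s\n", name);
    return 0;
}

int main(void) {
    /* Constructed inputs: one that fits and one of 40 bytes, which would
       overflow the 16-byte stack buffer in greet_unsafe. */
    char oversized[41];
    memset(oversized, 'A', 40);
    oversized[40] = '\0';
    greet_safe("alice");
    greet_safe(oversized);
    return 0;
}
```

Building this with `-fstack-protector-strong` and `-fsanitize=address` (the compiler protections and sanitizers the alert recommends) turns the silent corruption in greet_unsafe into an abort with a diagnostic, while greet_safe rejects the input before any write occurs.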
Recent examples of exploited vulnerabilities include:
These flaws have been used by malicious actors to gain initial access to corporate networks and expand their reach within them.
Recommendations for preventing buffer overflows
CISA and the FBI recommend a series of key measures to mitigate and eliminate these vulnerabilities:
1. Use of secure programming languages
- Opt for memory-safe languages, such as Rust, Go, or Swift, instead of traditionally memory-unsafe languages like C or C++.
- Avoid disabling the safety guarantees those languages provide.
2. Implementation of protections in compilers
- Enable compiler hardening flags, such as stack canaries and support for Address Space Layout Randomization (ASLR), to make flaws harder to exploit.
3. Use of security analysis and testing tools
- Run tools like AddressSanitizer and MemorySanitizer to detect memory errors at runtime.
- Apply techniques such as fuzzing and static code analysis to identify vulnerabilities before deployment.
4. Development of a roadmap towards memory safety
- Establish a progressive plan to rewrite the most critical segments of code in memory-safe languages.
- Document previous cases of buffer overflows and conduct root cause analysis to eliminate similar flaws in the future.
5. Transparency and accountability in security
- Publish detailed security reports indicating how manufacturers are addressing these issues.
- Adopt practices of responsible vulnerability disclosure, ensuring that users are informed of potential risks.
Eliminating vulnerabilities: an achievable goal
CISA and the FBI emphasize that the software industry must move towards complete elimination of buffer overflow vulnerabilities, rather than relying on temporary solutions. Adopting secure by design approaches will reduce the burden on users and minimize the risk of attacks.
The agencies’ message is clear: software manufacturers must take responsibility for the security of their products and ensure they are secure from development. At the same time, they urge consumers to demand secure solutions and to verify that companies meet these standards before acquiring software.
Commitment to security by design
The agencies remind us that the Secure by Design approach has been endorsed by 17 cybersecurity agencies worldwide, including the White House, the National Security Agency (NSA), and tech companies like Google, Microsoft, and Amazon.
Finally, CISA and the FBI reiterate that software security cannot rely on reactive solutions, but must be integrated as an essential principle in product engineering.
via: Cisa.gov