Carter Yagemann

I'm a computer scientist and cybersecurity researcher. My interests include hacking, system design, and software engineering.

#nginx Articles


How ASLR Helps Enable Exploits (CVE-2013-2028)

The other day I was playing around with CVE-2013-2028 along with my peer Hong Hu when we came across something odd: CVE-2013-2028 is only exploitable on 64-bit GNU/Linux when ASLR is enabled. After confirming this observation multiple times, we were left very surprised. How could ASLR possibly worsen the …