Black Hat: BadAlloc bugs expose millions of IoT devices to hijack

BLACK HAT USA: Microsoft researchers have explored in detail how "BadAlloc" vulnerabilities may impact millions of Internet of Things (IoT) and operational technology (OT) devices through their operating systems. 

Speaking to attendees at the Black Hat cybersecurity conference in Las Vegas, Microsoft Azure Defender for IoT researchers Omri Ben-Bassat and Tamir Ariel said XXX. 

BadAlloc is the name given to a swathe of memory allocation vulnerabilities found in IoT and OT products by Microsoft researchers. Disclosed in April, the bugs could allow "adversaries to bypass security controls in order to execute malicious code or cause a system crash," according to the firm. 

The vulnerabilities exist in memory allocation functions present in at least 17 real-time operating systems (RTOS), SDKs, and self-memory management applications, impacting and impact functions including malloc, calloc, realloc, memalign, and more. 

Impacted products included devices offered by Amazon, Arm, Google, Media Tek, Samsung, and Texas Instruments, and a number of the vulnerabilities have been lurking in devices since the early 90s. 

According to the team, the vulnerabilities can be triggered by "calling the memory allocation function, such as malloc, with the VALUE parameter derived dynamically from external input and being large enough to trigger an integer overflow or wraparound."

The wraparound ensures that the allocated memory remains small, creating a heap overflow, allowing for code execution to take place.