{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T08:31:40Z","timestamp":1765960300446,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":116,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,10,16]],"date-time":"2023-10-16T00:00:00Z","timestamp":1697414400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"U.S. Office of Navy Research","award":["N00014-23-1-2158"],"award-info":[{"award-number":["N00014-23-1-2158"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,10,16]]},"DOI":"10.1145\/3607199.3607229","type":"proceedings-article","created":{"date-parts":[[2023,10,3]],"date-time":"2023-10-03T22:30:51Z","timestamp":1696372251000},"page":"623-638","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["All Use-After-Free Vulnerabilities Are Not Created Equal: An Empirical Study on Their Characteristics and Detectability"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-8910-0242","authenticated-orcid":false,"given":"Zeyu","family":"Chen","sequence":"first","affiliation":[{"name":"University of Delaware, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9660-4444","authenticated-orcid":false,"given":"Daiping","family":"Liu","sequence":"additional","affiliation":[{"name":"University of Delaware, United States of America"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6807-9999","authenticated-orcid":false,"given":"Jidong","family":"Xiao","sequence":"additional","affiliation":[{"name":"Rensselaer Polytechnic Institute, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4174-3009","authenticated-orcid":false,"given":"Haining","family":"Wang","sequence":"additional","affiliation":[{"name":"Virginia Tech, United States of America"}]}],"member":"320","published-online":{"date-parts":[[2023,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[1] 2001. https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=133773. (2001)."},{"key":"e_1_3_2_1_2_1","unstructured":"[2] 2015. https:\/\/bugs.python.org\/issue24099. (2015). Accessed: 2020-11-01."},{"key":"e_1_3_2_1_3_1","unstructured":"[3] 2015. https:\/\/bugs.python.org\/issue24101. (2015). Accessed: 2020-11-01."},{"key":"e_1_3_2_1_4_1","unstructured":"[4] 2015. https:\/\/bugs.python.org\/issue24613. (2015)."},{"key":"e_1_3_2_1_5_1","unstructured":"[5] 2015. https:\/\/bugs.python.org\/issue24097. (2015)."},{"key":"e_1_3_2_1_6_1","unstructured":"[6] 2015. https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1196581. (2015)."},{"key":"e_1_3_2_1_7_1","unstructured":"[7] 2016. https:\/\/bugzilla.kernel.org\/show_bug.cgi?id=188941. (2016)."},{"key":"e_1_3_2_1_8_1","unstructured":"[8] 2016. https:\/\/bugs.python.org\/issue27867. (2016)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"[9] 2016. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=cve-2016-0728. (2016). Accessed: 2020-07-12.","DOI":"10.1055\/s-0035-1562318"},{"key":"e_1_3_2_1_10_1","unstructured":"[10] 2017. https:\/\/hg.mozilla.org\/releases\/mozilla-beta\/rev\/fb00d84ec825. (2017)."},{"key":"e_1_3_2_1_11_1","unstructured":"[11] 2017. https:\/\/github.com\/python\/cpython\/commit\/4d3f084c035ad3dfd9f8479886c41b1b1823ace2. (2017). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_12_1","unstructured":"[12] 2017. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-15129. (2017)."},{"key":"e_1_3_2_1_13_1","unstructured":"[13] 2018. https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=39675f7a7c7e7702f7d5341f1e0d01db746543a0. (2018). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_14_1","unstructured":"[14] 2018. (2018)."},{"key":"e_1_3_2_1_15_1","unstructured":"[15] 2019. https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=9060cb719e61b685ec0102574e10337fa5f445ea. (2019)."},{"key":"e_1_3_2_1_16_1","unstructured":"[16] 2019. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-6974. (2019)."},{"key":"e_1_3_2_1_17_1","unstructured":"[17] 2020. Available online: https:\/\/google.github.io\/oss-fuzz\/. (2020). Accessed: 2020-7-19."},{"key":"e_1_3_2_1_18_1","unstructured":"[18] 2020. https:\/\/www.oracle.com\/webfolder\/technetwork\/tutorials\/obe\/java\/gc01\/index.html. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_19_1","unstructured":"[19] 2020. https:\/\/devguide.python.org\/garbage_collector\/. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_20_1","unstructured":"[20] 2020. https:\/\/docs.swift.org\/swift-book\/LanguageGuide\/AutomaticReferenceCounting.html. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_21_1","unstructured":"[21] 2020. https:\/\/en.cppreference.com\/book\/intro\/smart_pointers. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_22_1","unstructured":"[22] 2020. https:\/\/doc.rust-lang.org\/1.30.0\/book\/2018-edition\/ch04-00-understanding-ownership.html. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_23_1","unstructured":"[23] 2020. https:\/\/github.com\/strongcourage\/uafbench. (2020). Accessed: 2022-01-12."},{"key":"e_1_3_2_1_24_1","unstructured":"[24] 2020. https:\/\/github.com\/. (2020). Accessed: 2020-11-01."},{"key":"e_1_3_2_1_25_1","unstructured":"[25] 2020. https:\/\/bugs.python.org\/issue40294. (2020). Accessed: 2020-11-01."},{"key":"e_1_3_2_1_26_1","unstructured":"[26] 2020. https:\/\/github.com\/microsoft\/LightGBM\/pull\/2743. (2020). Accessed: 2020-11-01."},{"key":"e_1_3_2_1_27_1","unstructured":"[27] 2020. https:\/\/github.com\/ndilieto\/uacme\/commit\/de76f1926f405a6d884dc0f5bb5001ee34a1e5ad. (2020)."},{"key":"e_1_3_2_1_28_1","unstructured":"[28] 2020. https:\/\/github.com\/coturn\/coturn\/issues\/601. (2020)."},{"key":"e_1_3_2_1_29_1","unstructured":"[29] 2020. https:\/\/github.com\/scala-native\/scala-native\/pull\/2072. (2020)."},{"key":"e_1_3_2_1_30_1","unstructured":"[30] 2020. https:\/\/github.com\/verilator\/verilator\/commit\/f98782c061e1f1718677090e4adc1c7576377b68. (2020)."},{"key":"e_1_3_2_1_31_1","unstructured":"[31] 2020. https:\/\/www.cplusplus.com\/reference\/list\/list\/erase\/. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_32_1","unstructured":"[32] 2020. https:\/\/www.cplusplus.com\/reference\/list\/list\/remove\/. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_33_1","unstructured":"[33] 2020. https:\/\/github.com\/DCMTK\/dcmtk\/commit\/7c3ca88c6197af3d03b8376aeb46e6cc7d7c3724. (2020)."},{"key":"e_1_3_2_1_34_1","unstructured":"[34] 2020. https:\/\/github.com\/9fans\/plan9port\/commit\/2991442aef1cf020ffde43673433ee97ef322a53. (2020)."},{"key":"e_1_3_2_1_35_1","unstructured":"[35] 2020. https:\/\/docs.python.org\/3\/c-api\/intro.html. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_36_1","unstructured":"[36] 2020. https:\/\/pythonextensionpatterns.readthedocs.io\/en\/latest\/refcount.html. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_37_1","unstructured":"[37] 2020. https:\/\/doc.rust-lang.org\/book\/ch04-02-references-and-borrowing.html. (2020). Accessed: 2020-07-12."},{"key":"e_1_3_2_1_38_1","unstructured":"2020. Refcount Tracing and Balancing. https:\/\/firefox-source-docs.mozilla.org\/performance\/memory\/refcount_tracing_and_balancing.html. (2020)."},{"key":"e_1_3_2_1_39_1","unstructured":"[39] 2021. https:\/\/www.iso.org\/standard\/74528.html. (2021). Accessed: 2021-09-09."},{"key":"e_1_3_2_1_40_1","unstructured":"[40] 2021. https:\/\/docs.python.org\/2\/library\/array.html#array.array.fromstring. (2021). Accessed: 2021-09-09."},{"key":"e_1_3_2_1_41_1","unstructured":"[41] 2021. https:\/\/github.com\/F-Stack\/f-stack\/pull\/565. (2021)."},{"key":"e_1_3_2_1_42_1","unstructured":"[42] 2021. https:\/\/github.com\/osquery\/osquery\/pull\/6880\/files. (2021)."},{"key":"e_1_3_2_1_43_1","unstructured":"[43] 2021. https:\/\/fbinfer.com\/. (2021). Accessed: 2021-01-12."},{"key":"e_1_3_2_1_44_1","unstructured":"[44] 2021. https:\/\/www.gimpel.com\/. (2021). Accessed: 2021-01-12."},{"key":"e_1_3_2_1_45_1","unstructured":"[45] 2022. https:\/\/docs.oracle.com\/cd\/E19205-01\/820-0619\/geojs\/index.html. (2022). Accessed: 2022-01-17."},{"key":"e_1_3_2_1_46_1","unstructured":"[46] 2023. https:\/\/clang.llvm.org\/. (2023)."},{"key":"e_1_3_2_1_47_1","unstructured":"[47] 2023. https:\/\/llvm.org\/. (2023)."},{"key":"e_1_3_2_1_48_1","unstructured":"[48] 2023. https:\/\/gcc.gnu.org\/. (2023)."},{"key":"e_1_3_2_1_49_1","unstructured":"Jia-Ju Bai Julia Lawall Qiu-Liang Chen and Shi-Min Hu. 2019. Effective static analysis of concurrency use-after-free bugs in Linux device drivers. In 2019 { USENIX} Annual Technical Conference ({ USENIX}{ ATC} 19). 255\u2013268."},{"key":"e_1_3_2_1_50_1","unstructured":"H. Boehm A. Demers and M. Weiser. 2002. A garbage collector for c and c++."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134020"},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2017.2785841"},{"volume-title":"Finding and Preventing Bugs in JavaScript Bindings. In 2017 IEEE Symposium on Security and Privacy (SP).","author":"Brown F.","key":"e_1_3_2_1_53_1","unstructured":"F. Brown, S. Narayan, R.\u00a0S. Wahby, D. Engler, R. Jhala, and D. Stefan. 2017. Finding and Preventing Bugs in JavaScript Bindings. In 2017 IEEE Symposium on Security and Privacy (SP)."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336769"},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.50"},{"key":"e_1_3_2_1_56_1","unstructured":"Subhachandra Chandra and Peter\u00a0M. Chen. 2000. Whither Generic Recovery from Application Faults? A Fault Study Using Open-Source Software(DSN \u201900)."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"crossref","unstructured":"Andy Chou Junfeng Yang Benjamin Chelf Seth Hallem and Dawson Engler. 2001. An Empirical Study of Operating Systems Errors(SOSP \u201901).","DOI":"10.1145\/502039.502042"},{"key":"e_1_3_2_1_58_1","volume-title":"Frama-c. In International conference on software engineering and formal methods. Springer, 233\u2013247","author":"Cuoq Pascal","year":"2012","unstructured":"Pascal Cuoq, Florent Kirchner, Nikolai Kosmatov, Virgile Prevosto, Julien Signoles, and Boris Yakobowski. 2012. Frama-c. In International conference on software engineering and formal methods. Springer, 233\u2013247."},{"key":"e_1_3_2_1_59_1","volume-title":"Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. In 26th USENIX Security Symposium(USENIX Security \u201917)","author":"Dang H.Y.","year":"2017","unstructured":"Thurston\u00a0H.Y. Dang, Petros Maniatis, and David Wagner. 2017. Oscar: A Practical Page-Permissions-Based Scheme for Thwarting Dangling Pointers. In 26th USENIX Security Symposium(USENIX Security \u201917). USENIX Association, 815\u2013832. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/dang"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2015.30"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2006.31"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"crossref","unstructured":"Michael Emmi Ranjit Jhala Eddie Kohler and Rupak Majumdar. 2009. Verifying Reference Counting Implementations. In Tools and Algorithms for the Construction and Analysis of Systems Stefan Kowalewski and Anna Philippou (Eds.).","DOI":"10.1007\/978-3-642-00768-2_30"},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945468"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/502034.502041"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11416-014-0203-1"},{"key":"e_1_3_2_1_66_1","unstructured":"Patrice Godefroid Michael\u00a0Y. Levin and David Molnar. 2008. Automated Whitebox Fuzz Testing. In NDSS."},{"volume-title":"Presented as part of the 22nd { USENIX} Security Symposium ({ USENIX} Security 13). 49\u201364.","author":"Haller Istvan","key":"e_1_3_2_1_67_1","unstructured":"Istvan Haller, Asia Slowinska, Matthias Neugschwandtner, and Herbert Bos. 2013. Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations. In Presented as part of the 22nd { USENIX} Security Symposium ({ USENIX} Security 13). 49\u201364."},{"key":"e_1_3_2_1_68_1","unstructured":"Wookhyun Han Byunggill Joe Byoungyoung Lee Chengyu Song and Insik Shin. 2018. Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing. In NDSS."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978361"},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2012.08.063"},{"key":"e_1_3_2_1_71_1","doi-asserted-by":"publisher","DOI":"10.1145\/2254064.2254075"},{"key":"e_1_3_2_1_72_1","volume-title":"Statically Detecting Likely Buffer Overflow Vulnerabilities. In USENIX Security Symposium.","author":"Larochelle D.","year":"2001","unstructured":"D. Larochelle and David Evans. 2001. Statically Detecting Likely Buffer Overflow Vulnerabilities. In USENIX Security Symposium."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23238"},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"crossref","unstructured":"Tanakorn Leesatapornwongsa Jeffrey\u00a0F. Lukman Shan Lu and Haryadi\u00a0S. Gunawi. 2016. TaxDC: A Taxonomy of Non-Deterministic Concurrency Bugs in Datacenter Distributed Systems(ASPLOS \u201916).","DOI":"10.1145\/2872362.2872374"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44202-9_4"},{"key":"e_1_3_2_1_76_1","unstructured":"[76] Linux Kernel Organization Inc. 2020. https:\/\/bugzilla.kernel.org\/. (2020)."},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243826"},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346323"},{"key":"e_1_3_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346296"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/2872362.2872389"},{"key":"e_1_3_2_1_81_1","unstructured":"Paul\u00a0E. McKenney. 2007. Overview of Linux-Kernel Reference Counting."},{"key":"e_1_3_2_1_82_1","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"e_1_3_2_1_83_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815400.2815422"},{"key":"e_1_3_2_1_84_1","unstructured":"[84] Mozilla Foundation. 2020. https:\/\/bugzilla.mozilla.org. (2020)."},{"key":"e_1_3_2_1_85_1","doi-asserted-by":"publisher","DOI":"10.1145\/2366231.2337181"},{"key":"e_1_3_2_1_86_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"e_1_3_2_1_87_1","volume-title":"Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID","author":"Nguyen Manh-Dung","year":"2020","unstructured":"Manh-Dung Nguyen, S\u00e9bastien Bardin, Richard Bonichon, Roland Groz, and Matthieu Lemerre. 2020. Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities. In 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020)."},{"key":"e_1_3_2_1_88_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250736"},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.scico.2012.10.011"},{"key":"e_1_3_2_1_90_1","doi-asserted-by":"crossref","unstructured":"Nicolas Palix Ga\u00ebl Thomas Suman Saha Christophe Calv\u00e8s Julia Lawall and Gilles Muller. 2011. Faults in Linux: Ten Years Later(ASPLOS XVI).","DOI":"10.1145\/1950365.1950401"},{"key":"e_1_3_2_1_91_1","unstructured":"[91] Python Software Foundation. 2020. https:\/\/bugs.python.org\/. (2020)."},{"key":"e_1_3_2_1_92_1","doi-asserted-by":"crossref","unstructured":"Sanjay Rawat Vivek Jain Ashish Kumar Lucian Cojocar Cristiano Giuffrida and Herbert Bos. 2017. VUzzer: Application-aware Evolutionary Fuzzing.. In NDSS Vol.\u00a017. 1\u201314.","DOI":"10.14722\/ndss.2017.23404"},{"volume-title":"OSS-Fuzz - Google\u2019s continuous fuzzing service for open source software","author":"Serebryany Kostya","key":"e_1_3_2_1_93_1","unstructured":"Kostya Serebryany. 2017. OSS-Fuzz - Google\u2019s continuous fuzzing service for open source software. USENIX Association."},{"key":"e_1_3_2_1_94_1","unstructured":"Konstantin Serebryany Derek Bruening Alexander Potapenko and Dmitriy Vyukov. 2012. AddressSanitizer: A fast address sanity checker. In Presented as part of the 2012 { USENIX} Annual Technical Conference ({ USENIX}{ ATC} 12). 309\u2013318."},{"key":"e_1_3_2_1_95_1","volume-title":"AddressSanitizer: A Fast Address Sanity Checker. In USENIX ATC","author":"Serebryany Konstantin","year":"2012","unstructured":"Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitry Vyukov. 2012. AddressSanitizer: A Fast Address Sanity Checker. In USENIX ATC 2012. https:\/\/www.usenix.org\/conference\/usenixfederatedconferencesweek\/addresssanitizer-fast-address-sanity-checker"},{"key":"e_1_3_2_1_96_1","doi-asserted-by":"crossref","unstructured":"Jangseop Shin Donghyun Kwon Jiwon Seo Yeongpil Cho and Y. Paek. 2019. CRCount: Pointer Invalidation with Reference Counting to Mitigate Use-after-free in Legacy C\/C++. In NDSS.","DOI":"10.14722\/ndss.2019.23541"},{"key":"e_1_3_2_1_97_1","volume-title":"Basic Statistics: Tales of Distributions.","author":"Spatz C.","year":"1981","unstructured":"C. Spatz. 1981. Basic Statistics: Tales of Distributions."},{"key":"e_1_3_2_1_98_1","volume-title":"Driller: Augmenting Fuzzing Through Selective Symbolic Execution.. In NDSS, Vol.\u00a016. 1\u201316.","author":"Stephens Nick","year":"2016","unstructured":"Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting Fuzzing Through Selective Symbolic Execution.. In NDSS, Vol.\u00a016. 1\u201316."},{"key":"e_1_3_2_1_99_1","doi-asserted-by":"publisher","DOI":"10.5555\/1496711.1496736"},{"key":"e_1_3_2_1_100_1","volume-title":"Detecting Kernel Refcount Bugs with Two-Dimensional Consistency Checking. In 30th USENIX Security Symposium (USENIX Security 21)","author":"Tan Xin","year":"2021","unstructured":"Xin Tan, Yuan Zhang, Xiyu Yang, Kangjie Lu, and Min Yang. 2021. Detecting Kernel Refcount Bugs with Two-Dimensional Consistency Checking. In 30th USENIX Security Symposium (USENIX Security 21)."},{"key":"e_1_3_2_1_101_1","volume-title":"CWE-416: Use After Free. https:\/\/cwe.mitre.org\/data\/definitions\/416.html. (June","author":"The MITRE Corporation","year":"2019","unstructured":"The MITRE Corporation. 2019. CWE-416: Use After Free. https:\/\/cwe.mitre.org\/data\/definitions\/416.html. (June 2019). Accessed: 2019-7-1."},{"key":"e_1_3_2_1_102_1","volume-title":"Search CVE List. https:\/\/cve.mitre.org\/cve\/search_cve_list.html. (Jan","author":"The MITRE Corporation","year":"2019","unstructured":"The MITRE Corporation. 2019. Search CVE List. https:\/\/cve.mitre.org\/cve\/search_cve_list.html. (Jan. 2019). Accessed: 2019-7-24."},{"key":"e_1_3_2_1_103_1","doi-asserted-by":"publisher","DOI":"10.1145\/3064176.3064211"},{"key":"e_1_3_2_1_104_1","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970337"},{"key":"e_1_3_2_1_105_1","doi-asserted-by":"publisher","DOI":"10.1145\/1287624.1287654"},{"key":"e_1_3_2_1_106_1","volume-title":"2003 International Conference on Dependable Systems and Networks, 2003. Proceedings.","author":"Gu Weining","year":"2003","unstructured":"Weining Gu, Z. Kalbarczyk, Ravishankar, K. Iyer, and Zhenyu Yang. 2003. Characterization of linux kernel behavior under errors. In 2003 International Conference on Dependable Systems and Networks, 2003. Proceedings."},{"key":"e_1_3_2_1_107_1","volume-title":"12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)","author":"Xu Tianyin","year":"2016","unstructured":"Tianyin Xu, Xinxin Jin, Peng Huang, Yuanyuan Zhou, Shan Lu, Long Jin, and Shankar Pasupathy. 2016. Early Detection of Configuration Errors to Reduce Failure Damage. In 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI 16)."},{"key":"e_1_3_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516665"},{"key":"e_1_3_2_1_109_1","doi-asserted-by":"publisher","DOI":"10.1145\/3134600.3134620"},{"key":"e_1_3_2_1_110_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180178"},{"key":"e_1_3_2_1_111_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2662394"},{"key":"e_1_3_2_1_112_1","doi-asserted-by":"crossref","unstructured":"Yves Younan. 2015. FreeSentry: protecting against use-after-free vulnerabilities due to dangling pointers.. In NDSS.","DOI":"10.14722\/ndss.2015.23190"},{"volume-title":"11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14).","author":"Yuan Ding","key":"e_1_3_2_1_113_1","unstructured":"Ding Yuan, Yu Luo, Xin Zhuang, Guilherme\u00a0Renna Rodrigues, Xu Zhao, Yongle Zhang, Pranay\u00a0U. Jain, and Michael Stumm. 2014. Simple Testing Can Prevent Most Critical Failures: An Analysis of Production Failures in Distributed Data-Intensive Systems. In 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14)."},{"key":"e_1_3_2_1_114_1","volume-title":"Proceedings of the 25th USENIX Conference on Security Symposium(SEC\u201916)","author":"Yun Insu","year":"2016","unstructured":"Insu Yun, Changwoo Min, Xujie Si, Yeongjin Jang, Taesoo Kim, and Mayur Naik. 2016. APISAN: Sanitizing API Usages through Semantic Cross-Checking. In Proceedings of the 25th USENIX Conference on Security Symposium(SEC\u201916)."},{"volume-title":"american fuzzy lop","author":"Zalewski Michal","key":"e_1_3_2_1_115_1","unstructured":"Michal Zalewski. 2017. american fuzzy lop. http:\/\/lcamtuf.coredump.cx\/afl\/. (Nov. 2017). Accessed: 2019-7-31."},{"key":"e_1_3_2_1_116_1","volume-title":"PeX: A Permission Check Analysis Framework for Linux Kernel. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Zhang Tong","year":"2019","unstructured":"Tong Zhang, Wenbo Shen, Dongyoon Lee, Changhee Jung, Ahmed\u00a0M. Azab, and Ruowen Wang. 2019. PeX: A Permission Check Analysis Framework for Linux Kernel. In 28th USENIX Security Symposium (USENIX Security 19)."}],"event":{"name":"RAID 2023: The 26th International Symposium on Research in Attacks, Intrusions and Defenses","acronym":"RAID 2023","location":"Hong Kong China"},"container-title":["Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607229","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3607199.3607229","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T16:37:35Z","timestamp":1750178255000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3607199.3607229"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,16]]},"references-count":116,"alternative-id":["10.1145\/3607199.3607229","10.1145\/3607199"],"URL":"https:\/\/doi.org\/10.1145\/3607199.3607229","relation":{},"subject":[],"published":{"date-parts":[[2023,10,16]]},"assertion":[{"value":"2023-10-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}