Rubicon received a distinguished paper award at EuroS&P 2025. “Microarchitectural” attacks such as Rowhammer and Spectre are often slow and unreliable. What if we had a generic mechanism to precisely place the security-sensitive data that we want to corrupt or leak at a target page to make these attacks precise and fast? Rubicon provides such a mechanism on top of the Linux buddy allocator.
The program committee wrote the following meta review about Rubicon: the paper is the first work dedicated solely to the topic of memory massaging, the practice of manipulating the system’s memory layout to facilitate attacks. It presents a principled technique that allows reliable and efficient placement of victim pages at vulnerable locations. Beyond the contribution of new techniques, the reviewers appreciate the quality of the writing as well as the promise of future source code availability, which would allow future research to easily apply the current results and to build on them.
You can find more information about Rubicon, including a link to the source code, here.