...
Many general-purpose operating systems implement a virtual memory management technique called paging (also referred to as swapping) to transfer pages between main memory and an auxiliary store, such as a disk drive. This feature is typically implemented as a task running in the kernel of the operating system, and its operation is invisible to the running program.
...
Additionally, processes with elevated privileges can disable paging by "locking" memory in place using either mlock() (Unix) or VirtualLock() (Windows). This ensures that memory is never copied to the hard drive, where it may be retained indefinitely in non-volatile storage.
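The following C example is added here and is not from the original page: it allocates a page-aligned buffer, locks it with mlock() before any secret is written, and wipes it before unlocking and freeing. The helper names (round_up_to_page, secret_alloc, secret_free) and the sample string are assumptions; it targets POSIX systems and fails closed if the lock is refused, for example because of RLIMIT_MEMLOCK.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* mlock() operates on whole pages, so round the request up to a page multiple. */
size_t round_up_to_page(size_t len) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    return (len + page - 1) / page * page;
}

/* Allocate a page-aligned buffer and lock it in RAM before it holds a secret.
 * Fails closed: returns NULL with errno set if the pages cannot be locked. */
void *secret_alloc(size_t len) {
    void *p = NULL;
    size_t size = round_up_to_page(len);
    int rc = posix_memalign(&p, (size_t)sysconf(_SC_PAGESIZE), size);
    if (rc != 0) { errno = rc; return NULL; }
    if (mlock(p, size) != 0) {          /* e.g. ENOMEM, EPERM, EAGAIN */
        int saved = errno;
        free(p);
        errno = saved;
        return NULL;
    }
    return p;
}

/* Wipe while the pages are still locked, then unlock and free.
 * The volatile pointer keeps the compiler from eliding the wipe. */
void secret_free(void *p, size_t len) {
    if (p == NULL) return;
    size_t size = round_up_to_page(len);
    volatile unsigned char *v = p;
    for (size_t i = 0; i < size; i++) v[i] = 0;
    munlock(p, size);
    free(p);
}

int main(void) {
    const char constructed[] = "constructed-sample-secret"; /* constructed input */
    char *key = secret_alloc(sizeof constructed);
    if (key == NULL) { perror("secret_alloc"); return 1; }
    memcpy(key, constructed, sizeof constructed);
    /* ... use key here ... */
    secret_free(key, sizeof constructed);
    return 0;
}
```

The secret is copied in only after mlock() succeeds, so it never resides in a page that is still eligible for swapping.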
...
Exceptions
Risk Assessment
Program stacks are frequently used for convenient temporary storage, because allocated memory is automatically freed when the function returns. Generally, the operating system will grow the stack as needed. However, growing the stack can fail due to a lack of memory or collision with other allocated areas of the address space (depending on the architecture). When the stack is exhausted, the operating system may terminate the program abnormally. This behavior can be exploited by an attacker to cause a denial-of-service attack in situations where the attacker can control or influence the amount of stack memory allocated.
Writing sensitive data to disk preserves it for future retrieval by an attacker, who may even be able to bypass the access restrictions of the operating system by using a disk maintenance program.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
MEM06-A | 1 (low) | 1 (unlikely) | 2 (medium) | P2 | L3 |
...