Crashes with consequences: Serial code-reuse attack SFOP breaks Intel CET in Linux
Tech Xplore - Technology and Engineering news [Unofficial]
May 20, 2026
A code-reuse attack named "Segmentation Fault Oriented Programming (SFOP)" exploits weaknesses in signal handling and Intel CET in Linux systems. SFOP is capable of bypassing Intel CET in any program by producing segmentation faults in sequence. The program under attack is first made to access a restricted area of memory and then repeatedly crashed by executing invalid instructions. Every time it receives a SIGSEGV signal in return, the attacker registers a signal handler that succeeds in crashing the program. SFOP is enabled by 12 previously unknown weaknesses that affect Linux signals.