BadAlloc - Broken Memory Allocators Led to Millions of Vulnerable IoT and Embedded Devices

Explore a critical class of security vulnerabilities called "BadAlloc" in this 39-minute Black Hat conference talk. Dive into integer-overflow related issues found in popular memory allocators' core functions like malloc and calloc. Learn how these vulnerabilities affect 17 different widely used real-time operating systems, standard C libraries, IoT device SDKs, and self-memory management applications. Discover the impact of BadAlloc on millions of IoT and embedded devices worldwide, with some vulnerabilities dating back to the early 90's. Gain insights from security researchers Omri Ben-Bassat and Tamir Ariel as they present their findings and discuss the implications for device security.

Syllabus

ERROR: BadAlloc! - Broken Memory Allocators Led to Millions of Vulnerable IoT & Embedded Devices (2)

Taught by

Black Hat

Reviews

Start your review of BadAlloc - Broken Memory Allocators Led to Millions of Vulnerable IoT and Embedded Devices

Learn Backend Development Part-Time, Online

Learn Excel & Financial Modeling the Way Finance Teams Actually Use Them

Taught by

Google, IBM & Microsoft Certificates — All in One Plan

Hacking the Supply Chain - The Ripple20 Vulnerabilities Haunt Tens of Millions of Critical Devices

Bringing Memory Safety to Time Critical Embedded Systems for Automotive and Industrial Systems

Good Motive but Bad Design - Pitfalls in MPU Usage in Embedded Systems in the Wild

MIT Sloan AI Adoption: Build a Playbook That Drives Real Business ROI Ad

6 Best CompTIA Security+ Courses and Certification Prep in 2026

6 Best Courses on CISSP in 2026

[2026] 2000+ Free Developer and IT Certifications

9 Best Bug Bounty Courses for 2026: Ethical Hacking, Safer Web

9 Best Microservices Courses for 2026: Scalability, Block by Block

Never Stop Learning.