 |
Software Engineering Institute (SEI) Podcast SeriesAuthor: Members of Technical Staff at the Software Engineering Institute
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies. Language: en Genres: Science, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
Temporal Memory Safety in C and C++: An AI-Enhanced Pointer Ownership Model
Monday, 9 February, 2026
In October 2025, CyberPress reported a critical security vulnerability in the Redis Server, an open-source in-memory database that allowed authenticated attackers to achieve remote code execution through a use-after-free flaw in the Lua scripting engine. In 2024, another prominent temporal memory safety flaw was found in the Netfilter subsystem in the Linux kernel: CVE-2024-1086. Bugs related to temporal memory safety, such as use-after-free and double-free vulnerabilities, are challenging issues in C and C++ code. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Lori Flynn, a senior software security researcher in the SEI's CERT Division, and David Svoboda, a senior software engineer, also in CERT, sit down with Tim Chick, technical manager of CERT's Applied Systems Group, to discuss recent updates to the Pointer Ownership Model for C, a modeling framework designed to improve the ability of developers to statically analyze C programs for errors involving temporal memory.
