@inproceedings{db2c1bc2b29f41e6ab708f1525174af6,
title = "SoK: A Practical Guideline and Taxonomy to LLVM{\textquoteright}s Control Flow Integrity",
abstract = "Memory corruption vulnerabilities remain one of the most severe threats to software security. They often allow attackers to achieve arbitrary code execution by redirecting a vulnerable program{\textquoteright}s control flow. While Control Flow Integrity (CFI) has gained traction to mitigate this exploitation path, developers are not provided with any direction on how to apply CFI to real-world software. In this work, we establish a taxonomy mapping LLVM{\textquoteright}s forward-edge CFI variants to memory corruption vulnerability classes, offering actionable guidance for developers seeking to deploy CFI incrementally in existing codebases. Based on the Top 10 Known Exploited Vulnerabilities (KEV) list, we identify four high-impact vulnerability categories and select one representative CVE for each. We evaluate LLVM{\textquoteright}s CFI against each CVE and explain why CFI blocks exploitation in two cases while failing in the other two, illustrating its potential and current limitations. Our findings support informed deployment decisions and provide a foundation for improving the practical use of CFI in production systems.",
author = "Sabine Houy and Bruno Kreyssig and Timoth{\'e}e Riom and Alexandre Bartel and Patrick McDaniel",
note = "Publisher Copyright: {\textcopyright}2025 IEEE.; 2025 IEEE Secure Development Conference, SecDev 2025 ; Conference date: 14-10-2025 Through 16-10-2025",
year = "2025",
doi = "10.1109/SecDev66745.2025.00024",
language = "English (US)",
series = "Proceedings - 2025 IEEE Secure Development Conference, SecDev 2025",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "129--141",
booktitle = "Proceedings - 2025 IEEE Secure Development Conference, SecDev 2025",
address = "United States",
}