
Temporal Memory Safety in C and C++: An AI-Enhanced Pointer Ownership Model
From Software Engineering Institute (SEI) Podcast Series by Members of Technical Staff at the Software Engineering Institute
February 9, 2026 · 24 min
About this episode
The episode discusses updates to the Pointer Ownership Model for C to address temporal memory safety issues in C and C++ programming.
In October 2025, CyberPress reported a critical security vulnerability in the Redis Server, an open-source in-memory database that allowed authenticated attackers to achieve remote code execution through a use-after-free flaw in the Lua scripting engine. In 2024, another prominent temporal memory safety flaw was found in the Netfilter subsystem in the Linux kernel: CVE-2024-1086 . Bugs related to temporal memory safety, such as use-after-free and double-free vulnerabilities, are challenging issues in C and C++ code. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI) , Lori Flynn , a senior software security research er in the SEI's CERT Division, and David Svoboda , a senior software engineer, also in CERT, sit down with Tim Chick , technical manager of CERT's Applied Systems Group, to discuss recent updates to the Pointer Ownership Model for C , a modeling framework designed to improve the ability of developers to statically analyze C programs for errors involving temporal memory.
People in this episode
Host: Tim Chick
Guests: Lori Flynn, David Svoboda
Topics covered
- memory safety
- C programming
- C++ programming
- security vulnerabilities
- pointer ownership model
- static analysis
Keywords
- temporal memory safety
- use-after-free
- double-free
- C programming
- C++ programming
- security vulnerabilities
- Pointer Ownership Model
Mentioned in this episode
Organizations: Carnegie Mellon University Software Engineering Institute, Redis Server, Linux
More episodes of Software Engineering Institute (SEI) Podcast Series
- An LLM Evaluation Framework for High-Stakes AI · June 11, 2026 · 17 min
- Protecting AI Systems Against Data Poisoning · June 4, 2026 · 20 min
- Goal-Line Defense: A Tool to Discover and Mitigate UEFI Vulnerabilities · April 15, 2026 · 41 min
- Leadership, Legacy, and the Power of Mentors: Insights from Dr. Paul Nielsen · April 6, 2026 · 19 min
- With a Little Help from Our Civilian Friends: Cybersecurity Reserve Is Both Feasible and Advisable · March 20, 2026 · 49 min
- Maturing AI Adoption: From Chaos to Consistency · March 2, 2026 · 26 min
Explore listener stats, chart rankings, contacts and more on the Software Engineering Institute (SEI) Podcast Series podcast page.