2025-fan-wallbleed
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of Chinacore
canonical link → · doi: 10.14722/ndss.2025.241094
Abstract
We disclose "Wallbleed," a memory-disclosure vulnerability in the
Great Firewall of China that leaks fragments of GFW process memory in
injected DNS responses. We characterize the leak, what it reveals
about the GFW's operational state, and the timeline of the GFW
team's response after disclosure.
Team notes
Operational-intelligence gold: a real memory-disclosure bug in the GFW
itself, which incidentally leaked GFW internals (process memory
contents, addresses) to outside observers. Even after patch, the
forensic value persists — what was leaked tells us about how the GFW
is implemented. Required reading for anyone reasoning about GFW DPI
internals.