Security News > 2020 > June > Intel announces “exploit busting” features in its next processor chips
As far as we can see, the first wave of Intel processors that will include these new protections are the not-quite-out-yet CPUs known by the nickname "Tiger Lake", so if you're a programmer you can't actually start tinkering with the CET features just yet.
Errors in using memory are one of the leading causes of software bugs that lead to security holes, known in the trade as vulnerabilities.
When you call a program subroutine, for example getch(), which reads in the next input character, usually from the keyboard, the processor keeps track of where you CALLed it from so that the subroutine can simply run a RETurn instruction to get back where it was before, to the next instruction after the CALL. So, if you can mess with the stack, you can often mess with the next RET instruction so the program doesn't go back where it came from but instead heads off into unauthorised territory of your choice.
Another sort of bug involves modifying the memory location used by a JMP or CALL instruction to tell it where to go next - instead of diverting a program when it returns from a subroutine, you divert it when it tries to call or jump to one.
One problem with ASLR is that if attackers can somehow figure out the memory addresses that are being used on your computer right now, even though they were randomly chosen, they can modify their attack automatically simply by adjusting all gadget addresses in their exploit to suit.