Vulnerabilities tagged "background"

• Stack Overflow in LLVMPipe reachable from Chromium

  11 May 2021

  Cool bug, but hard to actually exploit despite getting PC control.The vuln uses GLSL, a c-like shader language that gets translated into C before being executed...

• Security probe of Qualcomm MSM data services

  11 May 2021

  First goes into some background details on QMI, what kinds of services it provides, and details on how they fuzzed the interface (used QEMU hexagon to emulate the modem in conjunction with AFL).They talk about one of the vulns the fuzzer dug up, which was a heap overflow in the voice service's `call_config_req` handler...

• Two Parallels Desktop Vulnerabilities in RDPMC Hypercall

  04 May 2021

  Two vulnerabilities and a good deal of background.Vulns happen in the UEFI Request hypercalls...

• Remote Zero-Click Exploit in Tesla Automobiles

  04 May 2021

  Two vulnerabilities, both in ConnMann a root service for managing network connections, a stack-based overflow and a stack leak.

• macOS Gatekeeper Bypass

  04 May 2021

  Gatekeeper would misclassify certain types of applications allowing them to run without any restriction. Specifically you can cause a confusion in the policy engine regarding whether the app is bundled or not...

• Man-in-the-Disk Vulnerability in WhatsApp [CVE-2021-24027]

  20 April 2021

  **tl;dr** WhatsApp stored TLS session resumption files on the sdcard where a malicious application or some social engineering attacker could read.

• Container Escape in Bitbucket Pipelines Kata Containers

  20 April 2021

  **tl;dr** Uses a known docker breakout to escape into the wrapping VM, then by replacing a logfile with a symlink you could post to locations on the host machine.

• Allow arbitrary URLs, expect arbitrary code execution

  20 April 2021

  Just an overview of how opening links is broken if you don’t check the schema and let the OS deal with it.