A hardware-heavy episode as we talk about two read protection bypasses, Pixel 6 bootloader exploitation and benchmarking fuzzers.
Is the compiler making exploitation easier? These divergent representations seem to do so. We also look at a Chrome UAF and a double stack overflow.
A lot of discussion about the OpenSSL vulnerability, fuzzing and exploitation. Then into an RCE in XML Signature verification, and a Samsung exploit chain.
Kicking off the week with a look at Apple's new security blog and the kalloc_type introduced into XNU, then a mix of issues including an overflow in SQLite.
A few issues this week, including an overflow in SHA-3, yet another io_uring bug, and multiple (questionably exploitable) corruptions in Edge.
We've got a few interesting vulns: a blind format string attack, a Windows kernel int overflow, and a browser exploit (unchecked bounds after lowering).
Just a couple of issues this week and a discussion about why you should look at old vulnerabilities and the pace at which exploit development advanced.
Starting off with some discussion about XOM and CFI on the PS5 and how they impact exploitation. Then into a uClibc issue, and hacking wireless scoreboards.
Starting off with meme vulnerabilities in UNISOC BootROMs, and ending with a discussion about bypassing CFI/Intel CET and some fun issues in-between.
This week we've got some summer highlights: the impact of MTE on Android, an iOS vuln and some primitive chaining in a Titan M exploit.