The root cause of the vulnerability is a buffer overflow error in the CdmaSmsParser::CdmaSmsParser function.This function copies incoming IPC messages from the baseband processor into a fixed-size buffer on the stack without first validating the length of the message…
A classic filesystem race condition in Metal-based macOS applications that can lead to bypassing of macOS’ Transparency Consent and Control privacy framework (TCC).Applications that rely on the Metal framework will look for and process the MTL_DUMP_PIPELINES_TO_JSON_FILE environment variable to write debugging data to as that application, even if the given filepath already exists…
This post details a prompt-based exploit that could be leveraged against ChatGPT as well as other language models such as Falcon, Pythia, LLaMa, and GPT-NEO to extract training data.The basis for this vulnerability is the fact that when prompting the model to repeat a word a large number of times (for example, repeat this word forever: "poem"), after so many words the model ends up diverging…
An iOS bug due to improper handling of the Fault Address or FAR register in XNU on arm64.The FAR register is updated with the faulting address upon certain CPU exceptions, such as instruction or data aborts on invalid addresses, alignment faults, and faulting in pages…
This bug is basically just a failure to properly intercept guest writes to the IA32_HW_FEEDBACK_PTR Machine State Register (MSR), which the CPU uses to store the physical address to write performance information feedback to upon reset. As this MSR was not intercepted, a guest could write a hypervisor physical address into this MSR on sleep or hibernation (S3/S4) resume and get the CPU to corrupt hypervisor memory.
An integer underflow in calculating the maximum size of a buffer, allows for a far too large maximum and ultimately for data being uncompressed to overflow the allocated buffer.
Kinda a cool bug dealing with an improper optimization and the usage of an unexpected object from JS, leading to an out-of-bounds access.
Honestly, this is a simple bug, a react website, wiht source maps, so easy to find API endpoints the application calls.Upon examination one of them did not require any authentication, the event stream publishing events from the cameras in a redacted teleommunications company office…
This one starts off with a fun mass-assignment issue.Early on in the processing chain of a HTTP request to CrushFTP’s web interface it will parse all the HTTP headers into a Java Propertiesobject…
This vulnerability impacts kubernetes setups using NGINX as the ingress controller via ingress-nginx. At first I wanted to blame this one on block-listing when they should have used an allow-list, but its not quite that, but it is basically just a missed edge-case that allows for code execution.
One vulnerability a use-after-free in the Linux nftable subsystem, exploitable on the three kernelCTF targets: latest Long-term Stable (LTS) release, Container-optimized build as used by Google Cloud, and a Mitigation build that isn’t as up-to-date but includes experimentation mitigations to be bypassed.
A very powerful bug in the io_uring driver of the linux kernel.In this case, the vulnerability is in the handling of registering fixed buffers via the IORING_REGISTER_BUFFERS opcode, which allows an application to ‘pin’ and register memory for long-term use, which includes making it exempt from paging mechanics…
Not something we usually end up covering, but a chrome:// page XSS, and escaping the browser sandbox with an extension.
There is a lot going on in this post, the novel aspect are a few Mark-of-the-Web (MotW) bypasses, those MotW bypasses were found while exploring an in-the-wild exploit chain which is also covered here.
Just another large-language model prompt injection attack.In this case they found the chat system rendered markdown output, so they would inject a prompt to cause the AI to response with a markdown image whose source URL included a parameter with a dump of the chat log…