EPISODE · Sep 29, 2022 · 53 MIN
[binary] SoCs with Holes, Crow HTTP Bugs, and Bypassing Intel CET
from Day[0] · host dayzerosec
Starting off with meme vulnerabilities in UNISOC BootROMs, and ending with a discussion about bypassing CFI/Intel CET and some fun issues in-between. Links and summaries are available at https://dayzerosec.com/podcast/154.html [00:00:00] Introduction [00:00:24] Spot the Vuln - You Put Where Where?! [00:04:05] There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities [00:12:19] Crow HTTP framework use-after-free [00:17:51] Crowbleed (Crow HTTP framework vulnerability) [00:19:34] exploit for CVE-2022-2588 [00:23:24] Bypassing Intel CET with Counterfeit Objects [00:48:05] Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja [00:50:32] PS5 IPV6_2292PKTOPTIONS Use-After-Free
What this episode covers
Starting off with meme vulnerabilities in UNISOC BootROMs, and ending with a discussion about bypassing CFI/Intel CET and some fun issues in-between. Links and summaries are available at https://dayzerosec.com/podcast/154.html [00:00:00] Introduction [00:00:24] Spot the Vuln - You Put Where Where?! [00:04:05] There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities [00:12:19] Crow HTTP framework use-after-free [00:17:51] Crowbleed (Crow HTTP framework vulnerability) [00:19:34] exploit for CVE-2022-2588 [00:23:24] Bypassing Intel CET with Counterfeit Objects [00:48:05] Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja [00:50:32] PS5 IPV6_2292PKTOPTIONS Use-After-Free
NOW PLAYING
[binary] SoCs with Holes, Crow HTTP Bugs, and Bypassing Intel CET
No transcript for this episode yet
Similar Episodes
Sep 22, 2023 ·20m
Sep 22, 2023 ·20m
Sep 22, 2023 ·27m
Sep 22, 2023 ·14m
Sep 22, 2023 ·24m
Sep 22, 2023 ·22m