Fast Fuzzing, Malicious Pull Requests, and Rust in my kernel?! episode artwork

EPISODE · Mar 23, 2021 · 1H 45M

Fast Fuzzing, Malicious Pull Requests, and Rust in my kernel?!

from Day[0] · host dayzerosec

Time to rewrite Linux in Rust? Probably not, but it has landed in linux-next which we talked about. We also look at a couple interesting GitHub vulns, and talk about fuzzing. [00:00:28] Rust in the Linux Kernel https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/rust?id=c77c8025525c36c9d2b9d82e4539403701276a1dhttps://www.youtube.com/watch?v=FFjV9f_Ub9o&t=2066shttps://lkml.org/lkml/2020/7/9/952https://lkml.org/lkml/2020/7/10/1261 [00:13:40] Two Undocumented Instructions to Update Microcode Discovered https://twitter.com/_markel___/status/1373059797155778562 [00:19:06] DuckDuckGo Privacy Essentials vulnerabilities: Insecure communication and Universal XSS https://palant.info/2021/03/15/duckduckgo-privacy-essentials-vulnerabilities-insecure-communication-and-universal-xss/ [00:26:46] Abusing VoIPmonitor for Remote Code Execution https://www.rtcsec.com/post/2021/03/bug-discovery-diaries-abusing-voipmonitor-for-remote-code-execution/ [00:32:18] Stealing arbitrary GitHub Actions secrets https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html [00:40:29] How we found and fixed a rare race condition in our session handling https://github.blog/2021-03-18-how-we-found-and-fixed-a-rare-race-condition-in-our-session-handling/ [00:49:05] GitLab - Ability To Delete User(s) Account Without User Interaction https://hackerone.com/reports/928255 [00:52:49] New Old Bugs in the Linux Kernel https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.htmlhttps://github.com/grimm-co/NotQuite0DayFriday/tree/trunk/2021.03.12-linux-iscsi [01:00:33] Fuzzing: FastStone Image Viewer [CVE-2021-26236] https://voidsec.com/fuzzing-faststone-image-viewer-cve-2021-26236/ [01:06:53] A Replay-Style Deserialization Attack Against SharePoint [CVE-2021-27076] https://www.thezdi.com/blog/2021/3/17/cve-2021-27076-a-replay-style-deserialization-attack-against-sharepoint [01:12:38] One day short of a full chain: Part 2 - Chrome sandbox escape https://securitylab.github.com/research/one_day_short_of_a_fullchain_sbx [01:18:58] Code execution in Wireshark via non-http(s) schemes in URL fields https://gitlab.com/wireshark/wireshark/-/issues/17232 [01:21:59] Attacking and Defending OAuth 2.0 (Part 2 of 2: Attacking OAuth 2.0 Authorization Servers) https://www.praetorian.com/blog/attacking-and-defending-oauth-2/ [01:30:37] Fast Coverage-guided Fuzzing with Honeybee and Intel Processor Trace https://blog.trailofbits.com/2021/03/19/un-bee-lievable-performance-fast-coverage-guided-fuzzing-with-honeybee-and-intel-processor-trace/ [01:42:00] Pulling Bits From ROM Silicon Die Images: Unknown Architecture https://ryancor.medium.com/pulling-bits-from-rom-silicon-die-images-unknown-architecture-b73b6b0d4e5d [01:42:28] 0dayfans.com https://0dayfans.com/https://github.com/dayzerosec/feedgenhttps://shop.spreadshirt.com/dayzerosec/ Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)

Episode metadata supplied by the publisher feed · Published Mar 23, 2021

Time to rewrite Linux in Rust? Probably not, but it has landed in linux-next which we talked about. We also look at a couple interesting GitHub vulns, and talk about fuzzing. [00:00:28] Rust in the Linux Kernel https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/rust?id=c77c8025525c36c9d2b9d82e4539403701276a1dhttps://www.youtube.com/watch?v=FFjV9f_Ub9o&t=2066shttps://lkml.org/lkml/2020/7/9/952https://lkml.org/lkml/2020/7/10/1261 [00:13:40] Two Undocumented Instructions to Update Microcode Discovered https://twitter.com/_markel___/status/1373059797155778562 [00:19:06] DuckDuckGo Privacy Essentials vulnerabilities: Insecure communication and Universal XSS https://palant.info/2021/03/15/duckduckgo-privacy-essentials-vulnerabilities-insecure-communication-and-universal-xss/ [00:26:46] Abusing VoIPmonitor for Remote Code Execution https://www.rtcsec.com/post/2021/03/bug-discovery-diaries-abusing-voipmonitor-for-remote-code-execution/ [00:32:18] Stealing arbitrary GitHub Actions secrets https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html [00:40:29] How we found and fixed a rare race condition in our session handling https://github.blog/2021-03-18-how-we-found-and-fixed-a-rare-race-condition-in-our-session-handling/ [00:49:05] GitLab - Ability To Delete User(s) Account Without User Interaction https://hackerone.com/reports/928255 [00:52:49] New Old Bugs in the Linux Kernel https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.htmlhttps://github.com/grimm-co/NotQuite0DayFriday/tree/trunk/2021.03.12-linux-iscsi [01:00:33] Fuzzing: FastStone Image Viewer [CVE-2021-26236] https://voidsec.com/fuzzing-faststone-image-viewer-cve-2021-26236/ [01:06:53] A Replay-Style Deserialization Attack Against SharePoint [CVE-2021-27076] https://www.thezdi.com/blog/2021/3/17/cve-2021-27076-a-replay-style-deserialization-attack-against-sharepoint [01:12:38] One day short of a full chain: Part 2 - Chrome sandbox escape https://securitylab.github.com/research/one_day_short_of_a_fullchain_sbx [01:18:58] Code execution in Wireshark via non-http(s) schemes in URL fields https://gitlab.com/wireshark/wireshark/-/issues/17232 [01:21:59] Attacking and Defending OAuth 2.0 (Part 2 of 2: Attacking OAuth 2.0 Authorization Servers) https://www.praetorian.com/blog/attacking-and-defending-oauth-2/ [01:30:37] Fast Coverage-guided Fuzzing with Honeybee and Intel Processor Trace https://blog.trailofbits.com/2021/03/19/un-bee-lievable-performance-fast-coverage-guided-fuzzing-with-honeybee-and-intel-processor-trace/ [01:42:00] Pulling Bits From ROM Silicon Die Images: Unknown Architecture https://ryancor.medium.com/pulling-bits-from-rom-silicon-die-images-unknown-architecture-b73b6b0d4e5d [01:42:28] 0dayfans.com https://0dayfans.com/https://github.com/dayzerosec/feedgenhttps://shop.spreadshirt.com/dayzerosec/ Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST) Or the video archive on Youtube (@dayzerosec)

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

Fast Fuzzing, Malicious Pull Requests, and Rust in my kernel?!

0:00 1:45:13

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Day[0]?

This episode is 1 hour and 45 minutes long.

When was this Day[0] episode published?

This episode was published on March 23, 2021.

What is this episode about?

Time to rewrite Linux in Rust? Probably not, but it has landed in linux-next which we talked about. We also look at a couple interesting GitHub vulns, and talk about fuzzing. [00:00:28] Rust in the Linux...

Can I download this Day[0] episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!