all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

196 - An OpenBSD overflow and TPM bugs [Binary Exploitation Podcast]

Add to bookmarks
March 16, 2023, midnight | DAY[0]

DAY[0] www.youtube.com

Some simple, but interesting vulnerabilities. A use-after-free because of wrong operation ordering, an interesting type confusion, an integer underflow and some OOB access in TPM 2.0 reference code.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/196.html

[00:00:00] Introduction
[00:00:27] Spot the Vuln - Just be Positive
[00:03:42] oss-sec: Linux kernel: CVE-2023-1118: UAF vulnerabilities in "drivers/media/rc" directory
[00:07:56] oss-sec: CVE-2023-1076: Linux Kernel: Type Confusion hardcodes tuntap socket UID to root
[00:11:21] GitHub - fuzzingrf/openbsd_tcpip_overflow: OpenBSD remote overflow
[00:14:36] …

access binary binary exploitation bugs code cve directory drivers exploitation free github integer introduction kernel linux linux kernel media oob openbsd oss overflow podcast reference root sec simple socket tpm tpm 2.0 type confusion uaf use-after-free vuln vulnerabilities

Visit resource

More from www.youtube.com / DAY[0]

Memory Corruption: Best Tackled with Mitigations or Safe-Languages? [254] 2 weeks, 1 day ago | www.youtube.com
amp cisa corruption evolution +11
253 - A Retrospective and Future Look Into DAY[0] 1 month, 1 week ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 2 months, 1 week ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 2 months, 1 week ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 2 months, 2 weeks ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 2 months, 2 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 2 months, 3 weeks ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 2 months, 3 weeks ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 3 months ago | www.youtube.com
access array binary binary exploitation +21

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com