222 - MTE Debuts, DNS Client Exploits, and iTLB [Binary Exploitation Podcast]

As memory tagging (MTE) finally comes to a consumer device, we talk about how it may impact vulnerability research and exploit development going forward. Then we get into a few vulnerabilities including a DNS response parsing bug on the Wii U, an Adobe Acrobat bug that was exploited by a North Korean APT, and a CPU bug (iTLB Multihit).

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/222.html

[00:00:00] Introduction
[00:00:23] Hexacon 2023 Talks
[00:02:48] First handset with …

acrobat adobe adobe acrobat binary binary exploitation bug client consumer consumer device development device dns dns client exploit exploitation exploit development exploited exploits forward impact may memory parsing podcast research response tagging vulnerabilities vulnerability vulnerability research