all InfoSec news
Zenbleed (CVE-2023-20593)
Aug. 29, 2023, 3:35 p.m. | LiveOverflow
LiveOverflow www.youtube.com
Watch part 1 about fuzzing: https://www.youtube.com/watch?v=neWc0H1k2Lc
buy my font (advertisement): https://shop.liveoverflow.com/
This video is sponsored by Google: https://security.googleblog.com/2023/08/downfall-and-zenbleed-googlers-helping.html
Original Zenbleed Writeup: https://lock.cmpxchg8b.com/zenbleed.html
Grab the code: https://github.com/google/security-research/tree/master/pocs/cpus/zenbleed
cvtsi2ss: https://www.felixcloutier.com/x86/cvtsi2ss.html
AMD Security Bulletin: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html
RIDL Video: https://www.youtube.com/watch?v=x_R1DeZxGc0
Tavis Ormandy: https://twitter.com/taviso
Chapters:
00:00 - Intro
02:27 - zenleak.asm Patterns
03:56 - The C Exploit Code
05:20 - Assembly Generation with Compiler Preprocessor
07:40 - What are XMM and YMM Registers?
11:56 …
amd amp asm assembly code compiler cpu cpus cve cve-2023-20593 exciting exploit exploit code file merge optimization patterns register trigger vulnerability zen2 zenbleed
More from www.youtube.com / LiveOverflow
Finding The .webp Vulnerability in 8s (Fuzzing with AFL++)
4 months, 1 week ago |
www.youtube.com
A Vulnerability to Hack The World - CVE-2023-4863
5 months, 1 week ago |
www.youtube.com
The Circle of Unfixable Security Issues
7 months, 2 weeks ago |
www.youtube.com
The Discovery of Zenbleed ft. Tavis Ormandy
9 months, 2 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC