all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

186 - An XNU Exploit and a Chrome Heap Overflow

Add to bookmarks
Feb. 8, 2023, 11:50 p.m. | zi

DAY[0] dayzerosec.com

First, we take a look at some positive changes to OSS Fuzz, then we dive into some vulnerabilities. This includes an XNU heap out-of-bounds write vulnerability, a Chrome heap-based overflow vulnerability, and an out-of-bounds read in cmark-gfm that, while probably not exploitable, is still intriguing.

binary-podcast chrome dive exploit fuzz hash-import-2023-02-16-04-52 oss out-of-bounds out-of-bounds write overflow podcast vulnerabilities vulnerability

Visit resource

More from dayzerosec.com / DAY[0]

252 - Bypassing KASLR and a FortiGate RCE 1 month ago | dayzerosec.com
aslr binary-podcast bypass bypassing +12
251 - RCE’ing Mailspring and a .NET CRLF Injection 1 month, 1 week ago | dayzerosec.com
attack bounty bounty-podcast bypass +9
250 - Future of Exploit Dev 1 month, 1 week ago | dayzerosec.com
binary-podcast corruption dev development +12
249 - libXPC to Root and Digital Lockpicking 1 month, 2 weeks ago | dayzerosec.com
android bounty-podcast bypass check +11
248 - Binary Ninja Free and K-LEAK 1 month, 2 weeks ago | dayzerosec.com
automated binary binary ninja binary-podcast +10
247 - Hacking Google AI and SAML 1 month, 3 weeks ago | dayzerosec.com
auth bounty-podcast bypass google +7
246 - Rust Memory Corruption??? 1 month, 4 weeks ago | dayzerosec.com
access binary-podcast code corruption +9
245 - A PHP and Joomla Bug and some DOM Clobbering 1 month, 4 weeks ago | dayzerosec.com
api bounty-podcast bug cache +15
244 - Linux Burns Down CVEs 2 months ago | dayzerosec.com
binary-podcast cves down fuzzing +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior InfoSec Manager - Risk and Compliance

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Security Analyst

@ Fortra | Mexico
View on infosec-jobs.com

Incident Responder

@ Babcock | Chester, GB, CH1 6ER
View on infosec-jobs.com

Vulnerability, Access & Inclusion Lead

@ Monzo | Cardiff, London or Remote (UK)
View on infosec-jobs.com

Information Security Analyst

@ Unissant | MD, USA
View on infosec-jobs.com
View more jobs