"No way to prevent this" say users of only language where this regularly happens

from blog Xe Iaso's blog, | ↗ original
In the hours following the release of CVE-2024-9632 for the project X.org, site reliability workers and systems administrators scrambled to desperately rebuild and patch all their systems to fix a buffer overflow that allows an attacker with access to raw X client calls to arbitrarily read and write memory, allowing for privilege...
This is a short summary. ↗ Open original to view full content

Related

CVE-2023-6351 – Update Chrome Now!
ShavingTheYak | original ↗
Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty
Blog | Sam Curry | original ↗
"No way to prevent this" say users of only language where this regularly happens
Xe Iaso's blog | original ↗
"No way to prevent this" say users of only language where this regularly happens
Xe Iaso's blog | original ↗
Rust doesn't solve the CrowdStrike outage
Julio Merino (jmmv.dev) | original ↗
"No way to prevent this" say users of only language where this regularly happens
Xe Iaso's blog | original ↗
My journey to disclosing a vulnerability that can lock up millions in Ethereum
GEEK.SG | original ↗
CVE-2010-4258: Turning denial-of-service into privilege escalation
Posts on Made of Bugs | original ↗
Some notes on CVE-2010-3081 exploitability
Posts on Made of Bugs | original ↗
CVE-2007-4573: The Anatomy of a Kernel Exploit
Posts on Made of Bugs | original ↗

More from Xe Iaso's blog

Follow me on Bluesky!
13 Nov 2024 | original ↗

tl;dr: Follow @xeiaso.net on Bluesky

Nomadic Infrastructure Design for AI Workloads
12 Nov 2024 | original ↗

Taco Bell is a miracle of food preparation. They manage to have a menu of dozens of items that all boil down to permutations of 8 basic items: meat, cheese, beans, vegetables, bread, and sauces. Those basic fundamentals are combined in new and interesting ways to give you the crunchwrap, the chalupa, the doritos ...

Hello again, Kubernetes
9 Nov 2024 | original ↗

Yeah, yeah, we know; freight train to mail a letter, etc.

My first deploys for a new Kubernetes cluster
3 Nov 2024 | original ↗

This is documentation for myself, but you may enjoy it too

The return of Stealth Mountain
29 Oct 2024 | original ↗

It's more than a sneaky peak, it's a legend reborn.