[binary] SoCs with Holes, Crow HTTP Bugs, and Bypassing Intel CET
Starting off with meme vulnerabilities in UNISOC BootROMs, and ending with a discussion about bypassing CFI/Intel CET and some fun issues in-between.
Links and summaries are available at https://dayzerosec.com/podcast/154.html
[00:00:00] Introduction
[00:00:24] Spot the Vuln - You Put Where Where?!
[00:04:05] There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities
[00:12:19] Crow HTTP framework use-after-free
[00:17:51] Crowbleed (Crow HTTP framework vulnerability)
[00:19:34] exploit for CVE-2022-2588
[00:23:24] Bypassing Intel CET with Counterfeit Objects
[00:48:05] Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja
[00:50:32] PS5 IPV6_2292PKTOPTIONS Use-After-Free