clearbluejarApr 10, 2024

Hot of the #ghidriff #patchdiffing press for April 2024 we have CVE-2024-26219 in HTTP.sys ๐Ÿ”ฅ

MSRC just started publishing CWE info! For this CVE we have a "CWE-476: NULL Pointer Dereference" ๐Ÿ‘€

See if you can find it ๐Ÿง

Hint: "UxLastMdlChunkNullFix"

https://gist.github.com/clearbluejar/a4917caf66a9e34d58d101225da96587

CVE-2024-26219 - HTTP.sys Denial of Service Vulnerability - Weakness: CWE-476: NULL Pointer Dereference

CVE-2024-26219 - HTTP.sys Denial of Service Vulnerability - Weakness: CWE-476: NULL Pointer Dereference - http.sys.x64.10.0.22621.3374-http.sys.x64.10.0.22621.3447.ghidrff.md

Gist
clearbluejarJan 12, 2024

hello 2024!

Hot off the #ghidriff #patchdiffing press we have the January 9, 2024โ€”KB5034122 Windows 10 22H2 x64 kernel update ...
https://gist.github.com/clearbluejar/0e52d80a2f489d8a226f12da5e1c1248 ๐Ÿ”ฅ

Side by side view is here: https://diffpreview.github.io/?0e52d80a2f489d8a226f12da5e1c1248 ๐Ÿ‘€

This month the kernel fixes include CVE-2024-20698 ... as there are not too many changes, perhaps we find the root cause?

Take at look this function... https://gist.github.com/clearbluejar/0e52d80a2f489d8a226f12da5e1c1248#wbaddlookupentryex ๐Ÿง

Hint: It rhymes with "vintager afterglow".

January 9, 2024โ€”KB5034122 Windows 10 22H2 x64 ntoskrnl.exe

January 9, 2024โ€”KB5034122 Windows 10 22H2 x64 ntoskrnl.exe - ntoskrnl.exe.x64.10.0.19041.3803-ntoskrnl.exe.x64.10.0.19041.3930.ghidriff.md

Gist
clearbluejarDec 13, 2023

Hot off the #ghidriff #patchdiffing press, we have the December Windows 11 22H2 x64 kernel security update KB5033375: https://gist.github.com/clearbluejar/4f0c979c314a80374402545cd1ae45cd ๐Ÿง

Side-by-side view here: https://diffpreview.github.io/?4f0c979c314a80374402545cd1ae45cd ๐Ÿ‘€

Windows 11 22H2 x64 - December 12, 2023 โ€” KB5033375

Windows 11 22H2 x64 - December 12, 2023 โ€” KB5033375 - ntoskrnl.exe.x64.10.0.22621.2792-ntoskrnl.exe.x64.10.0.22621.2861.ghidriff.md

Gist
clearbluejarNov 16, 2023

Hot off the #ghidriff #patchdiffing press we have November's Windows 11 22H2 x64 kernel update KB5032190:
https://gist.github.com/clearbluejar/02fc449d3915fed375921e9d80bac42b ๐Ÿง

Side by side view is here: https://diffpreview.github.io/?02fc449d3915fed375921e9d80bac42b ๐Ÿ‘€

clearbluejarNov 3, 2023

ghidriff v0.5.1 - usability updates, improved automated testing , and bug fixes ๐Ÿชฒ

- github workflows now test a matrix of devcontainers across versions of python, Ghidra, and Java ๐Ÿ”ฅ

https://github.com/clearbluejar/ghidriff/releases/tag/v0.5.1

#patchdiffing #ghidra #githubactions

Release v0.5.1 usability fixes, automated testing, and bug fixes ยท clearbluejar/ghidriff

What's Changed Fix workflows by @clearbluejar in #50 bump ver and update README by @clearbluejar in #52 v0.5.0 - Broken for Ghidra 10.1.5 and python <3.10 - #51 Updated default output dir tree to ...

GitHub
clearbluejarOct 20, 2023

Hot off the #ghidriff #patchdiffing press we have October's Windows 11 22H2 kernel Update KB5031354...

https://gist.github.com/clearbluejar/58af23c6b17eefae87608ef2d67d22d7 ๐Ÿ‘€

Joxean Koret (@matalaz)Oct 15, 2023

The support for finding fixed signedness issues in #Diaphora is working (to highlight potentially fixed vulnerabilites):

#BinaryDiffing #PatchDiffing

clearbluejarOct 11, 2023

say hello to ghidriff ๐Ÿ”ฅ

#ghidra #patchdiffing #Python

https://github.com/clearbluejar/ghidriff

GitHub - clearbluejar/ghidriff: Python Command-Line Ghidra Binary Diffing Engine

Python Command-Line Ghidra Binary Diffing Engine. Contribute to clearbluejar/ghidriff development by creating an account on GitHub.

GitHub
Joxean Koret (@matalaz)Oct 11, 2023

Any cool bug on this Patch Tuesday? Anything cool to diff with #Diaphora and enhance the ability to try to find patched vulnerabilities?

#PatchTuesday #PatchDiffing #BinaryDiffing #BinDiffing

Baklava MonsterOct 11, 2023

Introducing #ghidriff: a Python Command-Line Ghidra Binary Diffing Engine

#ghidra #patchdiffing #python

https://github.com/clearbluejar/ghidriff

GitHub - clearbluejar/ghidriff: Python Command-Line Ghidra Binary Diffing Engine

Python Command-Line Ghidra Binary Diffing Engine. Contribute to clearbluejar/ghidriff development by creating an account on GitHub.

GitHub