Hot off the #ghidriff #patchdiffing press for April 2024 we have CVE-2024-26219 in HTTP.sys 🔥

MSRC just started publishing CWE info! For this CVE we have a "CWE-476: NULL Pointer Dereference" 👀

See if you can find it 🧐

Hint: "UxLastMdlChunkNullFix"

https://gist.github.com/clearbluejar/a4917caf66a9e34d58d101225da96587

CVE-2024-26219 - HTTP.sys Denial of Service Vulnerability - Weakness: CWE-476: NULL Pointer Dereference - http.sys.x64.10.0.22621.3374-http.sys.x64.10.0.22621.3447.ghidrff.md

hello 2024!

Hot off the #ghidriff #patchdiffing press we have the January 9, 2024—KB5034122 Windows 10 22H2 x64 kernel update ...
https://gist.github.com/clearbluejar/0e52d80a2f489d8a226f12da5e1c1248 🔥

Side by side view is here: https://diffpreview.github.io/?0e52d80a2f489d8a226f12da5e1c1248 👀

This month the kernel fixes include CVE-2024-20698 ... as there are not too many changes, perhaps we find the root cause?

Take a look at this function... https://gist.github.com/clearbluejar/0e52d80a2f489d8a226f12da5e1c1248#wbaddlookupentryex 🧐

Hint: It rhymes with "vintager afterglow".

January 9, 2024—KB5034122 Windows 10 22H2 x64 ntoskrnl.exe - ntoskrnl.exe.x64.10.0.19041.3803-ntoskrnl.exe.x64.10.0.19041.3930.ghidriff.md

Hot off the #ghidriff #patchdiffing press, we have the December Windows 11 22H2 x64 kernel security update KB5033375: https://gist.github.com/clearbluejar/4f0c979c314a80374402545cd1ae45cd 🧐

Side-by-side view here: https://diffpreview.github.io/?4f0c979c314a80374402545cd1ae45cd 👀

Windows 11 22H2 x64 - December 12, 2023 — KB5033375 - ntoskrnl.exe.x64.10.0.22621.2792-ntoskrnl.exe.x64.10.0.22621.2861.ghidriff.md

Hot off the #ghidriff #patchdiffing press we have November's Windows 11 22H2 x64 kernel update KB5032190:
https://gist.github.com/clearbluejar/02fc449d3915fed375921e9d80bac42b 🧐

Side by side view is here: https://diffpreview.github.io/?02fc449d3915fed375921e9d80bac42b 👀

ghidriff v0.5.1 - usability updates, improved automated testing, and bug fixes 🪲

- github workflows now test a matrix of devcontainers across versions of python, Ghidra, and Java 🔥

https://github.com/clearbluejar/ghidriff/releases/tag/v0.5.1

#patchdiffing #ghidra #githubactions

Release v0.5.1 usability fixes, automated testing, and bug fixes · clearbluejar/ghidriff

What's Changed Fix workflows by @clearbluejar in #50 bump ver and update README by @clearbluejar in #52 v0.5.0 - Broken for Ghidra 10.1.5 and python <3.10 - #51 Updated default output dir tree to ...

Hot off the #ghidriff #patchdiffing press we have October's Windows 11 22H2 kernel Update KB5031354...

https://gist.github.com/clearbluejar/58af23c6b17eefae87608ef2d67d22d7 👀

The support for finding fixed signedness issues in #Diaphora is working (to highlight potentially fixed vulnerabilities):

#BinaryDiffing #PatchDiffing

GitHub - clearbluejar/ghidriff: Python Command-Line Ghidra Binary Diffing Engine

Any cool bug on this Patch Tuesday? Anything cool to diff with #Diaphora and enhance the ability to try to find patched vulnerabilities?

#PatchTuesday #PatchDiffing #BinaryDiffing #BinDiffing

Introducing #ghidriff: a Python Command-Line Ghidra Binary Diffing Engine

#ghidra #patchdiffing #python

https://github.com/clearbluejar/ghidriff
