PHP 8 Sandbox Escape via TimeAfterFree UAF
A PoC demonstrates a PHP 8 use-after-free bug enabling bypass of disable_functions and execution of system commands on Unix-like servers.
SAP NetWeaver Memory Corruption Flaw Lets Attackers Send Corrupted Logon Tickets
https://gbhackers.com/sap-netweaver-memory-corruption-flaw/
#Infosec #Security #Cybersecurity #CeptBiro #SAP #NetWeaver #MemoryCorruption #CorruptedLogonTickets
🧠 Why exploits prefer memory corruption | PACIBSP security
「 I believe that memory corruption techniques will dominate real-world exploitation that targets end-user platforms and products even after the shift to memory-safe languages makes memory unsafety bugs rarer than logic bugs. And I do not expect MTE to change this: it will just make good memory corruption bugs even rarer and harder to exploit 」
https://pacibsp.github.io/2024/why-exploits-prefer-memory-corruption.html
NSPasteboard crashes due to unsafe, internal concurrent memory mutation when handling file promises
This is a public reposting of FB14885505, in case it's helpful to anyone else or especially in case someone else has seen this too and knows how to work around it.
NSPasteboard mutates itself simultaneously from the main thread and the global concurrent Dispatch pool, with respect to its internal type cache. This is surprisingly trivial to reproduce (sample code below) by just dropping, e.g. a file promise (such as by opening a PNG in Preview, revealing the thumbnails sidebar, and then dragging [...]
High-Impact Security Vulnerabilities in Firefox 128
Date: July 9, 2024
CVE: CVE-2024-6605 CVE-2024-6606 CVE-2024-6607 CVE-2024-6608 CVE-2024-6609 CVE-2024-6610 CVE-2024-6600 CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6611 CVE-2024-6612 CVE-2024-6613 CVE-2024-6614 CVE-2024-6604 CVE-2024-6615
Vulnerability Type: Tapjacking
CWE: [[CWE-451]], [[CWE-922]]
Sources: Mozilla Security Advisory
Synopsis
Multiple security vulnerabilities were addressed in the Firefox 128 release, affecting both the desktop and Android versions. If exploited, they could enable tapjacking of permission prompts, out-of-bounds reads, and memory corruption.
The CVEs listed above are all those published in Mozilla Foundation Security Advisory 2024-29.
Issue Summary
Mozilla announced fixes for several high-impact vulnerabilities in Firefox 128. Notable entries are CVE-2024-6606, an out-of-bounds read in the clipboard component, and CVE-2024-6609, memory corruption in the NSS library.
Technical Key Findings
CVE-2024-6605 allows attackers to overlay malicious prompts over legitimate permission dialogs, potentially tricking users into granting unwanted permissions. The flaw is that Firefox for Android did not enforce a delay before a newly shown permission prompt accepted input, so a tap aimed at an attacker's overlay could be delivered to the prompt immediately and hijacked.
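The standard mitigation for this class of tapjacking is a security delay: a freshly shown prompt (or one that has just been covered or lost focus) ignores activation for a short window, so a tap that lands within a few hundred milliseconds of the overlay appearing is dropped rather than treated as a grant. The following C model is an added example, not Firefox's implementation; the type and function names, the 1000 ms figure and the timelines are assumptions chosen to illustrate the behaviour described above.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Model of a permission prompt protected by a security delay.
 * Assumed types and names for illustration, not Firefox's code. */
typedef struct {
    bool visible;
    uint64_t armed_at_ms;   /* start of the current delay window */
    uint64_t delay_ms;      /* 0 models the unpatched behaviour */
} prompt_t;

void prompt_show(prompt_t *p, uint64_t now_ms, uint64_t delay_ms) {
    p->visible = true;
    p->delay_ms = delay_ms;
    p->armed_at_ms = now_ms;
}

/* Something was drawn over the prompt or window focus changed: restart the
 * delay window so an overlay placed later cannot reuse an expired delay. */
void prompt_obscured(prompt_t *p, uint64_t now_ms) {
    p->armed_at_ms = now_ms;
}

/* Returns true if the tap is accepted as a real grant, false if ignored. */
bool prompt_tap(const prompt_t *p, uint64_t now_ms) {
    if (!p->visible) return false;
    if (now_ms < p->armed_at_ms) return false;   /* clock went backwards: ignore */
    return now_ms - p->armed_at_ms >= p->delay_ms;
}

/* Constructed attack timeline: the page shows the prompt at t=0 and covers it
 * with an overlay that baits a tap at t=150 ms. Returns true if that tap
 * would be delivered to the prompt as a grant. */
bool overlay_tap_grants(uint64_t delay_ms) {
    prompt_t p = {0};
    prompt_show(&p, 0, delay_ms);
    return prompt_tap(&p, 150);
}

/* Legitimate user: waits past the delay, then taps. */
bool patient_tap_grants(uint64_t delay_ms) {
    prompt_t p = {0};
    prompt_show(&p, 0, delay_ms);
    return prompt_tap(&p, delay_ms + 200);
}

/* Overlay drawn only after the initial delay expired: obscuring re-arms
 * the window, so a tap 150 ms after the overlay appears is still ignored. */
bool late_overlay_tap_grants(uint64_t delay_ms) {
    prompt_t p = {0};
    prompt_show(&p, 0, delay_ms);
    prompt_obscured(&p, delay_ms + 500);
    return prompt_tap(&p, delay_ms + 650);
}

int main(void) {
    printf("no delay, overlay tap grants:   %d\n", overlay_tap_grants(0));
    printf("1000 ms delay, overlay tap:     %d\n", overlay_tap_grants(1000));
    printf("1000 ms delay, patient tap:     %d\n", patient_tap_grants(1000));
    printf("1000 ms delay, late overlay:    %d\n", late_overlay_tap_grants(1000));
    return 0;
}
```

The re-arm on obscure/focus-change is the part that matters in practice: a delay counted only from first display is trivially defeated by an attacker who waits it out before drawing the overlay.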
Vulnerable Products
Impact Assessment
If these vulnerabilities are exploited, attackers can perform actions such as reading out-of-bounds data, preventing users from exiting fullscreen mode, or executing arbitrary code. These can lead to unauthorized access to sensitive data, manipulation of browser behavior, and potential system compromises.
Patches or Workaround
Mozilla has released patches in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 to address these vulnerabilities. Users are advised to update to the latest versions to mitigate the risks associated with these security flaws.
Tags
#Firefox #CVE2024-6605 #Tapjacking #SecurityUpdate #Mozilla #Vulnerability #MemoryCorruption #OutOfBoundsRead
Critical Vulnerability in Fluent Bit: CVE-2024-4323
Date: May 20, 2024
CVE: CVE-2024-4323
Vulnerability Type: Memory Corruption
CWE: [[CWE-787]], [[CWE-119]]
Sources: Tenable
Issue Summary
Tenable Research has identified a critical memory corruption vulnerability in Fluent Bit, designated CVE-2024-4323, within its built-in HTTP server. This vulnerability, termed "Linguistic Lumberjack," affects versions 2.0.7 through 3.0.3 and allows potential denial of service, information disclosure, or remote code execution. The issue has been fixed in the main branch and will be included in the upcoming 3.0.4 release.
Technical Key Findings
The vulnerability is rooted in improper handling of data types in the "inputs" array of the /api/v1/traces endpoint. The server assumes every element is a string; when non-string values such as integers (including negative integers) are passed, their fields are interpreted as a string length and pointer, leading to memory corruption. Outcomes include crashes from wild copies, heap overwrites, and disclosure of adjacent memory, potentially leading to remote code execution under specific conditions.
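The underlying pattern is type confusion in a tagged union: a msgpack-style object stores a string as {size, ptr} and an integer as a 64-bit value in the same union, so reading .via.str.size from an element that is actually an integer yields the integer's low 32 bits as a copy length. The C below is an added example that reproduces that pattern on a constructed tagged-value type, not Fluent Bit's or msgpack-c's code; the type names, the request {"inputs": ["dummy.0", <int>]} and the helper functions are assumptions. The vulnerable path only computes the length it would hand to a copy, so the example runs without undefined behaviour.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed msgpack-style tagged value. The string header {uint32 size;
 * const char *ptr} shares a union with a 64-bit integer, which is what makes
 * a type-confused read of .via.str.size meaningful. Assumed definitions. */
typedef enum { OBJ_STR = 1, OBJ_INT = 2, OBJ_ARRAY = 3 } obj_type_t;

typedef struct obj {
    obj_type_t type;
    union {
        struct { uint32_t size; const char *ptr; } str;
        int64_t i64;
        struct { uint32_t size; struct obj *ptr; } array;
    } via;
} obj_t;

/* Vulnerable pattern: trusts that every element of "inputs" is a string and
 * returns the total byte count a later copy would use. For an OBJ_INT element
 * the low 32 bits of the integer are read as a length (and .via.str.ptr as a
 * pointer), so -1 becomes 0xFFFFFFFF and a large positive int a wild copy. */
long long inputs_total_len_vulnerable(const obj_t *inputs) {
    long long total = 0;
    for (uint32_t i = 0; i < inputs->via.array.size; i++) {
        const obj_t *name = &inputs->via.array.ptr[i];
        total += name->via.str.size;          /* no type check */
    }
    return total;
}

/* Hardened pattern: check the tag before interpreting any field.
 * Returns -1 if the array or any element has the wrong type. */
long long inputs_total_len_hardened(const obj_t *inputs) {
    if (inputs->type != OBJ_ARRAY) return -1;
    long long total = 0;
    for (uint32_t i = 0; i < inputs->via.array.size; i++) {
        const obj_t *name = &inputs->via.array.ptr[i];
        if (name->type != OBJ_STR) return -1;
        total += name->via.str.size;
    }
    return total;
}

/* Builders for the constructed request body. */
obj_t make_str(const char *s) {
    obj_t o; memset(&o, 0, sizeof o);
    o.type = OBJ_STR; o.via.str.size = (uint32_t)strlen(s); o.via.str.ptr = s;
    return o;
}
obj_t make_int(int64_t v) {
    obj_t o; memset(&o, 0, sizeof o);
    o.type = OBJ_INT; o.via.i64 = v;
    return o;
}

/* Runs {"inputs": ["dummy.0", injected]} through both paths. Stores the length
 * the vulnerable path would trust in *vuln_len and returns 1 if the hardened
 * path rejected the request. */
int demo(int64_t injected, long long *vuln_len) {
    obj_t elems[2] = { make_str("dummy.0"), make_int(injected) };
    obj_t inputs; memset(&inputs, 0, sizeof inputs);
    inputs.type = OBJ_ARRAY; inputs.via.array.size = 2; inputs.via.array.ptr = elems;
    *vuln_len = inputs_total_len_vulnerable(&inputs);
    return inputs_total_len_hardened(&inputs) == -1;
}

int main(void) {
    long long n;
    int rejected = demo(-1, &n);
    printf("injected -1: vulnerable length %lld, hardened rejected=%d\n", n, rejected);
    rejected = demo((int64_t)0x4141414141414141LL, &n);
    printf("injected 0x41..41: vulnerable length %lld, hardened rejected=%d\n", n, rejected);
    return 0;
}
```

The test values are chosen so the result does not depend on byte order: -1 has all bits set and 0x4141414141414141 has identical halves, so .via.str.size reads the same on little- and big-endian hosts.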
Vulnerable Products
Impact Assessment
Exploitation of CVE-2024-4323 can result in significant disruptions such as service crashes, leakage of sensitive information, and in severe cases, remote code execution, which can compromise entire systems relying on Fluent Bit for logging and monitoring.
Patches or Workarounds
Users should upgrade to Fluent Bit version 3.0.4 or later. If upgrading is not immediately feasible, restricting access to the vulnerable endpoints is recommended to mitigate potential exploitation.
Tags
#CVE-2024-4323 #FluentBit #MemoryCorruption #CloudSecurity #RemoteCodeExecution #VulnerabilityManagement
What are your thoughts on this?
Unpopular opinion: I'm for memory-safe langs, but there needs to be some realism. Even with Rust/C#/Python, a lot of orgs still use C/C++ and colleges still teach C/C++.
It's great some level of reduction occurred, but this is ultimately something that will take time. It's not something I think anyone expects to see poof into non-existence in one year.
Mem issues were the 2nd leading cause of vulns?
Yeah, that's not surprising, despite this myth that mem corruption is just gone with the wind. It isn't.
"...75% of analyzed mem vulnerabilities have been exploited as 0-days by threat actors..."
Real talk: This is because of their ability to RCE. NO CAP.
Also, the list implies # of vulns is relative to impact: It isn't
NOTE: I do like cpp, so I'm not like trying to harp on it or anything. There have been so many improvements to it, that I feel this should be noted.
https://www.horizon3.ai/analysis-of-2023s-known-exploited-vulnerabilities/
#memorycorruption #hacking #infosec #programming #programmers