@Azeria

8.7K Followers
58 Following
64 Posts
Sneaky Bit Flipper | Azeria Labs creator | Author of “Arm Assembly Internals & Reverse Engineering”
Twitter: https://twitter.com/fox0x01
Website: https://azeria-labs.com/index.html
Book Site: https://arm-assembly.com

Impact: Basically, any AArch64 software compiled with GCC & the stack protection feature (flag -fstack-protector) that is vulnerable to buffer overflows via dynamically-sized variables can be exploited without bypassing this exploit mitigation.

If you want to reproduce this bug with the PoC from the advisory on your x86/64 machine, here’s how:

> GCC’s stack protection feature (aka canary) is an exploit mitigation to prevent buffer overflows from overwriting saved registers on the stack to take control over the program flow. It makes exploitation much harder. You often need an additional bug to bypass this mitigation.

The issue: When targeting AArch64, this mitigation didn’t protect saved registers from overflows in C99-style dynamically allocated local variables and alloca() objects.

Time for an Arm-twist! CVE-2023-4039

Tom Hebb (Meta red team) and I discovered a 0day in GCC (for AArch64 targets) during my Arm exploitation training.

It renders stack canaries against overflows of dynamically-sized variables useless.

https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64

GCC Stack Protector Vulnerability AArch64

A potential security issue in the stack-protector feature in GCC when targeting AArch64. Arm has published fixes to the GCC open-source project.

I’m doing two book signing sessions in collaboration with Patrick Wardle at Black Hat and Defcon this year! 🥳

Black Hat:
Thursday 8/10 - 12:15pm:
BH Bookstore - Breakers Registration 2

Defcon:
Saturday 8/12 - 11:00am
Caesar’s - Alliance Ballroom - Room 321

My own book copy arrived today!

Words can’t express what it feels like to hold 3 years of work in your hands…

My new book "Arm Assembly Internals & Reverse Engineering" is up for pre-order!

Save the date for the official launch: May 9th.

Can't wait for you to dive into the world of Arm Assembly!

Check out the official book page for more info:
https://arm-assembly.com

Book Launch: Arm Assembly & Reverse Engineering

Order your copy of Blue Fox

Exciting news! My book is finally 100% finished and in production. The release date is scheduled for May 2023! 🥳

I’ll make an official announcement with the exact date and pre-sale links as soon as I get them.

Current home office vibe 🌴