A note on fuzzing: although we discovered this buffer overflow manually, we later tried to fuzz the vulnerable function, parse_tunables(); both AFL++ and libFuzzer re-discovered this overflow in less than a second, when provided with a dictionary of tunables (which can be compiled by running "ld.so --list-tunables").

But tell me again how it's fine that we keep using memory-unsafe languages. 🙄

Full technical writeup: https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt 
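As an added example (not from the Qualys writeup or from glibc), a small shell helper that turns the output of `ld.so --list-tunables` into an AFL++-style dictionary file, so a regression fuzz target for the tunables parser gets the tunable names as tokens. The sample input is constructed to match the shape of that command's output, and the `tun_*` entry labels are my own naming.

```shell
#!/bin/sh
# tunables_to_dict FILE
#   FILE holds the output of "ld.so --list-tunables", one tunable per line:
#     glibc.malloc.check: 0 (min: 0, max: 3)
#   Emits an AFL++ dictionary: one token per tunable name, one per "name="
#   prefix, plus the separators the GLIBC_TUNABLES parser splits on.
tunables_to_dict() {
    awk -F': ' '
        /^[a-z_.0-9]+: / {
            name = $1
            # dictionary entries are label="token"; labels must be unique
            printf "tun_%d=\"%s\"\n", NR, name
            printf "tun_%d_eq=\"%s=\"\n", NR, name
        }
        END {
            print "sep_colon=\":\""
            print "sep_eq=\"=\""
        }' "$1"
}

# Number of dictionary entries produced for FILE (handy for a sanity check).
count_entries() {
    tunables_to_dict "$1" | wc -l | tr -d ' '
}

# Constructed sample standing in for real "ld.so --list-tunables" output.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
glibc.malloc.check: 0 (min: 0, max: 3)
glibc.rtld.nns: 0x4 (min: 0x1, max: 0x10)
glibc.malloc.tcache_max: 0x0 (min: 0x0, max: 0xffffffffffffffff)
EOF

# On a real host: ld.so --list-tunables > tunables.txt; tunables_to_dict tunables.txt > tunables.dict
tunables_to_dict "$SAMPLE"
```

Feed the resulting file to the fuzzer with `-x tunables.dict` (AFL++) or `-dict=tunables.dict` (libFuzzer).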
 @663e5b60 https://sourceware.org/git/?p=glibc.git;a=commit;h=1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa

Gotta wait for it to flow to all the distros. I guess that's one downside to open-source computing.