DirtyCred (CVE-2022-3910) for container escape
Credits @starlabs_sg
starlabs.sg/blog/2023/07-a-n…
#Linux ,#kernel , #CVE_analysis
Credits @starlabs_sg
starlabs.sg/blog/2023/07-a-n…
#Linux ,#kernel , #CVE_analysis
Exploiting Linux kernel cls_tcindex network traffic classifier (CVE-2023-1829) Excellent writeup by Vu Thi Lan ( @lanleft_ )
https://starlabs.sg/blog/2023/06-breaking-the-code-exploiting-and-examining-cve-2023-1829-in-cls_tcindex-classifier-vulnerability/…
#CVE_analysis ,
https://starlabs.sg/blog/2023/06-breaking-the-code-exploiting-and-examining-cve-2023-1829-in-cls_tcindex-classifier-vulnerability/…
#CVE_analysis ,
👍1
A Deep Dive into V8 Sandbox Escape Technique Used in In-The-Wild Exploit
We were analyzing an in-the-wild V8 vulnerability, CVE-2023–2033. Once we exploited the bug, it was not difficult to get typical exploit primitives such as addrof, read and write in V8 heap. The problem is that we need to escape the V8 sandbox in order to get code execution.
https://blog.theori.io/a-deep-dive-into-v8-sandbox-escape-technique-used-in-in-the-wild-exploit-d5dcf30681d4
# CVE-2023–2033 , #cve_analysis
We were analyzing an in-the-wild V8 vulnerability, CVE-2023–2033. Once we exploited the bug, it was not difficult to get typical exploit primitives such as addrof, read and write in V8 heap. The problem is that we need to escape the V8 sandbox in order to get code execution.
https://blog.theori.io/a-deep-dive-into-v8-sandbox-escape-technique-used-in-in-the-wild-exploit-d5dcf30681d4
# CVE-2023–2033 , #cve_analysis
👍7
Exploiting an io_uring Vulnerability in Ubuntu
https://blog.exodusintel.com/2024/03/27/mind-the-patch-gap-exploiting-an-io_uring-vulnerability-in-ubuntu/
#cve_analysis , #linux_internals , #CVE-2024-0582
This post discusses a use-after-free vulnerability, CVE-2024-0582, in io_uring in the Linux kernel. Despite the vulnerability being patched in the stable kernel in December 2023, it wasn’t ported to Ubuntu kernels for over two months, making it an easy 0day vector in Ubuntu during that time.
https://blog.exodusintel.com/2024/03/27/mind-the-patch-gap-exploiting-an-io_uring-vulnerability-in-ubuntu/
#cve_analysis , #linux_internals , #CVE-2024-0582
👍3
series on virtualization technologies and internals of various solutions (QEMU, Xen and VMWare)
Credit: @LordNoteworthy
[ 0 ] Intro: virtualization internals part 1 intro to virtualization
[ 1 ] VMWare: Virtualization Internals Part 2 - VMWare and Full Virtualization using Binary Translation
[ 2 ] Xen: Virtualization Internals Part 3 - Xen and Paravirtualization
[ 4 ] QEMU: Virtualization Internals Part 4 - QEMU
——-
related posts :
[ 0 ] Writing a simple 16 bit VM in less than 125 lines of C
[ 1 ] Write your Own Virtual Machine
[ 2 ] notes on vm and qemu escape exploit
[ 3 ] notes on VMware escape exploits by version
[ 4 ] Unpack VMProtect
#VM , #cve_analysis , #VM_internals
—-
https://t.iss.one/Source_byte
Credit: @LordNoteworthy
[ 0 ] Intro: virtualization internals part 1 intro to virtualization
[ 1 ] VMWare: Virtualization Internals Part 2 - VMWare and Full Virtualization using Binary Translation
[ 2 ] Xen: Virtualization Internals Part 3 - Xen and Paravirtualization
[ 4 ] QEMU: Virtualization Internals Part 4 - QEMU
——-
related posts :
[ 0 ] Writing a simple 16 bit VM in less than 125 lines of C
[ 1 ] Write your Own Virtual Machine
[ 2 ] notes on vm and qemu escape exploit
[ 3 ] notes on VMware escape exploits by version
[ 4 ] Unpack VMProtect
#VM , #cve_analysis , #VM_internals
—-
https://t.iss.one/Source_byte
❤6👍1😁1
Forwarded from Source Byte (Anastasia 🐞)
series on virtualization technologies and internals of various solutions (QEMU, Xen and VMWare)
Credit: @LordNoteworthy
[ 0 ] Intro: virtualization internals part 1 intro to virtualization
[ 1 ] VMWare: Virtualization Internals Part 2 - VMWare and Full Virtualization using Binary Translation
[ 2 ] Xen: Virtualization Internals Part 3 - Xen and Paravirtualization
[ 4 ] QEMU: Virtualization Internals Part 4 - QEMU
——-
related posts :
[ 0 ] Writing a simple 16 bit VM in less than 125 lines of C
[ 1 ] Write your Own Virtual Machine
[ 2 ] notes on vm and qemu escape exploit
[ 3 ] notes on VMware escape exploits by version
[ 4 ] Unpack VMProtect
#VM , #cve_analysis , #VM_internals
—-
https://t.iss.one/Source_byte
Credit: @LordNoteworthy
[ 0 ] Intro: virtualization internals part 1 intro to virtualization
[ 1 ] VMWare: Virtualization Internals Part 2 - VMWare and Full Virtualization using Binary Translation
[ 2 ] Xen: Virtualization Internals Part 3 - Xen and Paravirtualization
[ 4 ] QEMU: Virtualization Internals Part 4 - QEMU
——-
related posts :
[ 0 ] Writing a simple 16 bit VM in less than 125 lines of C
[ 1 ] Write your Own Virtual Machine
[ 2 ] notes on vm and qemu escape exploit
[ 3 ] notes on VMware escape exploits by version
[ 4 ] Unpack VMProtect
#VM , #cve_analysis , #VM_internals
—-
https://t.iss.one/Source_byte
👍3🔥2👎1