Extraction and Mutation at a High Level: Template-Based Fuzzing for JavaScript Engines | Proceedings of the ACM on Programming Languages https://t.co/hHK2BzfnrA
Eternal-Tux: Crafting a Linux Kernel KSMBD 0-Click RCE Exploit from N-Days
William Liu @cor_ctf posted an article about exploiting a slab object overflow (CVE-2023-52440) and remote infoleak (CVE-2023-4130) in the kernel SMB3 daemon to gain RCE
https://t.co/kqvwX9NbSK
Beginners intro to Linux kernel fuzzing and vulnerability research by @slava_moskvin_
Part 1: https://t.co/b61r4je69j
Part 2: https://t.co/DQ8j6YfN2C
Part 3: https://t.co/Myjt0BpsPy
#Linux#cybersecurity
New way to learn Assembly: build a GUI from scratch with it.
This article walks you through GUI fundamentals while leveling up your low-level skills crazy good exercise.
How to solve a CTF challenge that requires PAC, BTI, and relative vtables bypass (HITCON CTF 2025)
https://t.co/LZDFojees7
Credits @bruce30262#infosec#ctf
(CVE-2025-48539)[406785684]Critical RCE in Android BT stack. UAF read in acl_arbiter.cc SendPacketToPeer - frees BT_HDR on L2CAP fail (no CCB), then logs dangling len. Trigger via LE connect/disconnect race.
https://t.co/59Ilm2xhz1
Pixels have provided hardware memory tagging (MTE) support since the Pixel 8. GrapheneOS deployed it in production around a month after the launch of the Pixel 8 and we use it for the kernel and nearly the entire base OS. We use it for some third party apps and users can opt-in to using it for all.
There have been multiple revisions of ARM MTE. FEAT_MTE4 (Enhanced Memory Tagging Extension) is the 4th generation of ARM MTE improvements, not the beginning of it. The baseline feature was already a game changer for defending devices. The improvements will make their way to devices providing it.
Being able to leak data via side channels is a known issue with modern CPUs with many rounds of issues being discovered and addressed. ARM has been working on fully resolving it for MTE itself. Apple CPUs have had much more severe issues with side channels than Cortex, so it's a strange jab by them.
Unlike iPhone users, GrapheneOS users have been well protected by attacks from Cellebrite and other exploit development companies.
https://t.co/o5A7QcIFom
Apple talks a big game but consistently fails to protect their users against broadly deployed exploits used at a large scale.
ARM shipped MTE support multiple years before Apple in their Cortex cores. Yes, it was discovered to have a side channel usable by local attackers. This doesn't ruin it. MTE only has 4 bit tags which is a bigger weakness than the side channel. MTE still paves the way for stronger future features.
Apple has far more severe side channels in their hardware which leak user data. It's strange to portray leaking tags as a severe issue ruining a feature when they've consistently downplayed the impact of endless side channels vulnerabilities directly leaking sensitive user data on iPhones and Macs.