[binary] A GPU Bug and the World's Worst Fuzzer Findings

Day[0] - A podcast by dayzerosec

Categories:

Just a couple issues this week, a cache coherency issue because the functions used to flush changes were not implemented on AARCH64. The second was using the "world's worst fuzzer" to find some bugs. Dumb fuzzer, but it worked. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/192.html [00:00:00] Introduction [00:00:24] Spot the Vuln - Targeting [00:06:16] Vulnerability Reward Program: 2022 Year in Review  - Correction: I mistakenly thought Google's Bug Hunter University was older than it is. It was started in 2021. [00:12:56] The code that wasn't there: Reading memory on an Android device by accident [00:22:37] Using the “World’s Worst Fuzzer” To Find A Kernel Bug In The FiiO M6 The DAY[0] Podcast episodes are streamed live on Twitch twice a week:  -- Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities  -- Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities  and exploits. We are also available on the usual podcast platforms:  -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063  -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt  -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz  -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can also join our discord: https://discord.gg/daTxTK9