[binary] SoCs with Holes, Crow HTTP Bugs, and Bypassing Intel CET

Day[0] - A podcast by dayzerosec

Starting off with meme vulnerabilities in UNISOC BootROMs and ending with a discussion about bypassing CFI/Intel CET, with some fun issues in between.

Links and summaries are available at https://dayzerosec.com/podcast/154.html

[00:00:00] Introduction
[00:00:24] Spot the Vuln - You Put Where Where?!
[00:04:05] There’s Another Hole In Your SoC: Unisoc ROM Vulnerabilities
[00:12:19] Crow HTTP framework use-after-free
[00:17:51] Crowbleed (Crow HTTP framework vulnerability)
[00:19:34] exploit for CVE-2022-2588
[00:23:24] Bypassing Intel CET with Counterfeit Objects
[00:48:05] Analyzing BSD Kernels for Uninitialized Memory Disclosures using Binary Ninja
[00:50:32] PS5 IPV6_2292PKTOPTIONS Use-After-Free