mirror of
https://git.sr.ht/~seirdy/seirdy.one
synced 2024-11-27 22:12:10 +00:00
Link to oss-security thread on CVE-2022-0185
This commit is contained in:
parent
bbfcef2370
commit
65ef073088
2 changed files with 2 additions and 1 deletions
|
@ -168,6 +168,7 @@ Fuzzing frequently catches bugs that are only apparent by running a program, not
|
||||||
|
|
||||||
A recent example of how fuzzing helps spot a vulnerability in an open-source project is CVE-2022-0185: a Linux 0-day found by the Crusaders of Rust a few weeks ago. It was discovered using the syzkaller kernel fuzzer.
|
A recent example of how fuzzing helps spot a vulnerability in an open-source project is CVE-2022-0185: a Linux 0-day found by the Crusaders of Rust a few weeks ago. It was discovered using the syzkaller kernel fuzzer.
|
||||||
|
|
||||||
|
=> https://www.openwall.com/lists/oss-security/2022/01/18/7 oss-security: Linux kernel: Heap buffer overflow in fs_context.c since version 5.1
|
||||||
=> https://github.com/google/syzkaller Syzkaller
|
=> https://github.com/google/syzkaller Syzkaller
|
||||||
|
|
||||||
The process was documented on Will's Root:
|
The process was documented on Will's Root:
|
||||||
|
|
|
@ -132,7 +132,7 @@ If you want to get started with fuzzing, I recommend checking out [the quick-sta
|
||||||
|
|
||||||
### Example: CVE-2022-0185
|
### Example: CVE-2022-0185
|
||||||
|
|
||||||
A recent example of how fuzzing helps spot a vulnerability in an open-source project is CVE-2022-0185: a Linux 0-day found by the Crusaders of Rust a few weeks ago. It was discovered using the [syzkaller](https://github.com/google/syzkaller) kernel fuzzer. The process was documented on Will's Root:
|
A recent example of how fuzzing helps spot a vulnerability in an open-source project is [CVE-2022-0185](https://www.openwall.com/lists/oss-security/2022/01/18/7): a Linux 0-day found by the Crusaders of Rust a few weeks ago. It was discovered using the [syzkaller](https://github.com/google/syzkaller) kernel fuzzer. The process was documented on Will's Root:
|
||||||
|
|
||||||
[CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers](https://www.willsroot.io/2022/01/cve-2022-0185.html)
|
[CVE-2022-0185 - Winning a $31337 Bounty after Pwning Ubuntu and Escaping Google's KCTF Containers](https://www.willsroot.io/2022/01/cve-2022-0185.html)
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue