GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Azeria (azeria@mastodon.social)'s status on Wednesday, 13-Sep-2023 09:26:14 JST Azeria Azeria

    Time for an Arm-twist! CVE-2023-4039

    Tom Hebb (Meta red team) and I discovered an 0day in GCC (for AArch64 targets) during my Arm exploitation training.

    It renders stack canaries against overflows of dynamically-sized variables useless.

    https://developer.arm.com/Arm%20Security%20Center/GCC%20Stack%20Protector%20Vulnerability%20AArch64

    In conversation about a year ago from mastodon.social permalink

    Attachments



    2. https://files.mastodon.social/media_attachments/files/111/053/168/409/733/941/original/42720e71ca25313e.png
    3. No result found on File_thumbnail lookup.
      GCC Stack Protector Vulnerability AArch64
      A potential security issue in the stack-protector feature in GCC when targeting AArch64. Arm has published fixes to the GCC open-source project.
    • Embed this notice
      Kees Cook :tux: (kees@fosstodon.org)'s status on Wednesday, 13-Sep-2023 09:26:14 JST Kees Cook :tux: Kees Cook :tux:
      in reply to

      @Azeria I remain delighted that the Linux kernel eliminated VLAs back in 2018. :) I encourage everyone with a C codebase to build with -Wvla

      In conversation about a year ago permalink
      James Morris likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.