GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Jann Horn (jann@infosec.exchange)'s status on Saturday, 27-Sep-2025 03:41:35 JST Jann Horn Jann Horn

    For the side channel crowd:

    I wrote about how side channels in serialization can theoretically allow breaking ASLR - with a theoretical worst-case example of how a single round trip of deserializing attacker-controlled data, serializing the result again, and sending the re-serialized data to an attacker could leak an entire pointer:
    "Pointer leaks through pointer-keyed data structures"
    https://googleprojectzero.blogspot.com/2025/09/pointer-leaks-through-pointer-keyed.html

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Pointer leaks through pointer-keyed data structures
      Posted by Jann Horn, Google Project Zero Introduction Some time in 2024, during a Project Zero team discussion, we were talking about how...

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.