-
CVE-2024-57878 – Linux Kernel Arm64 Ptrace FPMR Initialization Leak
CVE ID : CVE-2024-57878 Published : Jan. 11, 2025, 3:15 p.m. | 1 day ago Description : In the Linux kernel, the following vulnerability has been resolved: arm64: ptrace: fix partial SETREGSET for NT_ARM_FPMR Currently fpmr_set() doesn’t initialize the temporary ‘fpmr’ variable, and a SETREGSET call with a length of zero will leave this uninitialized. Consequently…
-
Back in 2012, Mark and I detailed a number of iOS kernel mitigations that were introduced in iOS 6 to prevent an attacker from leveraging well-known exploitation techniques such as the zone free list pointer overwrite. Most of these mitigations rely on entropy (of varying degree) provided by the kernel, and are therefore supported by a separate…
-
BlackPwn: BlackPhone SilentText Type Confusion Vulnerability
Privacy is a hot topic at the moment – it continues to dominate the headlines as news of new NSA incursions, celebrity phone hacks, and corporate breaches are being reported on an increasingly regular basis. In response to this, a number of products have been brought to market that attempt to provide consumers with a…