A fascinating story about a #DoS #vulnerability in the Expat #XML parser

#Recursion kills: The story behind CVE-2024-8176 / #Expat 2.7.0 released, includes security fixes

https://blog.hartwork.org/posts/expat-2-7-0-released/

@loke @bagder As pentesters we regularly argued about whether a behavior can be considered a vulnerability or not. A resolution strategy that almost always worked is to ask ourselves what our recommended fix would be. Maybe including such a question in the report template could help prevent/resolve similar misunderstandings?

@bagder I started by tracking back line numbers, good for you to have some experience with the curl API :)

@bagder Attached fuzzer not matching with the provided ASAN report is an especially nice touch...

Meanwhile, if you abuse the API and don't comply, asan might complain but that's not a #curl security problem.

https://hackerone.com/reports/3302518

Any fool can write code that a computer can understand. Good programmers write code that humans can understand.

— Martin Fowler

#complexity

No CPU Challenge by Demostue Allst★rs

Evoke 2025 party Alternative Platforms compo winner.

An Amiga AGA demo that entirely runs on the copper. This is the same capture from real hardware, that was presented in the compo.

https://youtu.be/OXT5MrDdyB8
https://www.pouet.net/prod.php?which=104753

(Edit: updated YouTube link, due to audio sync issues)

#amiga #demoscene #evoke2025

@amarsaar The code now lives here for easier reference: https://github.com/blitz/l1tf-demo

wrote a new big blog post today that is very relevent to my interests. you may be interested in reading

IF YOU LOVE IT, DOWNLOAD IT.

https://erysdren.me/blog/2025-08-16/

And we're live with Pentium II: https://youtube.com/live/Jt4_ekA7q4M?feature=share

Preparing a post about lafleur, the CPython JIT fuzzer I develop.

It has found 4 JIT crashes so far:
#136996: "JIT: `executor->vm_data.valid` assertion failure in `unlink_executor`".
#137007: "JIT: assertion failure in _PyObject_GC_UNTRACK".
#137728: "Assertion failure or `SystemError` in `_PyEval_EvalFrameDefault` in a JIT build".
#137762: "Assertion failure in `optimize_uops` in a JIT build".

Contributions welcome!

https://github.com/search?q=repo%3Apython%2Fcpython+lafleur&type=issues

#Python #CPython #fuzzer #fuzzing #lafleur #JIT

@cR0w https://www.reddit.com/r/netsec/comments/1mryiha/elastic_edr_0day_microsoftsigned_driver_can_be/

(note that I said entertaining, not informative or useful...)

That "EDR 0-day" post on reddit is quite entertaining!

Made a little pornographic test case for the UK #OnlineSafetyAct, to see whether we can get Ofcom to ban AWS S3 from the United Kingdom.

http://ofcom.s3-website-us-east-1.amazonaws.com/

@codecolorist This hits hard after having spent many hours debugging shell escapes in cmdexec payloads... PowerShell is a harsh mistress, but it'd be even more gruesome if they had to do the same thing with cmd.exe :)

@albinowax Still the best one I could find for this task ;)

Doing #curl command lines in powershell can be a whole adventure: https://medium.com/@shindeshreeharsh157/my-midnight-battle-with-a-curl-command-ac6b22942f01

[RSS] tar-fs Link Directory Traversal Vulnerability

https://github.com/google/security-research/security/advisories/GHSA-xrg4-qp5w-2c3w

CVE-2025-48387

[RSS] SQLite - Integer Overflow in FTS5 Extension

https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g

@raptor @slashdot Don't forget though that he can live this way of life in large part because of his accomplishments (that also came with substantial amount of money)