[RSS] Partial Analysis of CVE-2025-38618

https://u1f383.github.io/linux/2025/08/28/partial-analysis-of-CVE-2025-38618.html

Eight years later, I’ve updated my most-starred @github repository with some new @fridadotre scripts, inspired by @spaceraccoonsec's new book “From Day Zero to Zero Day”.

Check it out: https://github.com/0xdea/frida-scripts/

I had missed this #linux #kernel discussion about #pathtraversal #vulnerabilities

[RFC] Add a prctl to disable ".." traversal in path resolution

https://lore.kernel.org/linux-fsdevel/20241211142929.247692-1-mjg59@srcf.ucam.org/T/#u

[RSS] A Quick Note on CVE-2025-38617

https://u1f383.github.io/linux/2025/08/27/a-quick-note-on-CVE-2025-38617.html

I combined DEVCORE's CVE-2024-35250 with the CVE-2024-30084 double fetch bug and the Cloud Filter memory trap technique by @tiraniddo to achieve reliable LPE without device requirements on Win10 VMs.

https://scrapco.de/blog/its-a-trap-reliable-exploitation-of-cve-2024-30084.html

checking whether the C compiler works... no

Understandable, have a nice weekend

The Register wrote a story about a single maintainer open source project, I think it's shameful and upsetting. So I wrote a blog post about it

An absolutely ridiculous amount of open source is one person projects. I have the data to prove it

https://opensourcesecurity.io/2025/08-oss-one-person/

Cisco Talos just disclosed vulnerabilities in Libbiosig, Tenda routers, SAIL image library, PDF-XChange, and Foxit Reader — all now patched by vendors: https://blog.talosintelligence.com/libbiosig-tenda-sail-pdf-xchange-foxit-vulnerabilities/

#Ghidra 11.4.2 is out:

https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_11.4.2_build

This page intentionally left blank

Look at the rate of weasel wording in OpenAI's not-really-apology:

https://openai.com/index/helping-people-when-they-need-it-most/

I'm sick and tired of people pretending they have ways to enforce LLM behavior, while all they do is weigh dices differently - they remain dices.

Trying to enforce security boundaries with a PRNG is one thing, but you definitely can't prevent reinforcing harmful behavior, because you can't even define what it is.

And this can cost lives, as we just witnessed.

The CEO of Open AI should be tried for accessory to murder -- OpenAI responds to ChatGPT helping a teen commit suicide

What a load of goddamned CRAP:

https://openai.com/index/helping-people-when-they-need-it-most/

🇪🇺 Brussels speaks clearly. @EU_Commission confirmed to us: The #DigitalMarketsAct is non-negotiable, not even as part of trade talks with Donald Trump.

💪 We welcome the EC’s reaffirmation of its commitment to neutral, robust, and evidence-based enforcement of the #DMA. But we call on the Commissioners to strengthen enforcement and make sure gatekeepers cannot get away with circumventing the law.

👉 Read the Commission’s reply: https://edri.org/wp-content/uploads/2025/08/European-Commission-response-on-US-influence-in-DMA-enforcement.pdf

"Will WebClient Start"

This awesome blog post by Steven Flores, with SpectorOps, tries to answer a question I had too: "Is it possible to start the WebClient service remotely as a low-priv user?"

Very interesting read. The article walks you through the entire thought process and tackles various Windows internals. And even if the result may seem underwhelming, it lays the ground for others to try and take on this challenge. 😉

👉 https://specterops.io/blog/2025/08/19/will-webclient-start/

SMAP is coming to Windows

[RSS] The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) - watchTowr Labs

https://labs.watchtowr.com/the-one-where-we-just-steal-the-vulnerabilities-crushftp-cve-2025-54309

Magical Breakpoints and Where to Find Them

Total respect for Alyssa Anne Rosenzweig, @lina@vt.social and all the other developers from Asahi Linux for reverse engineering Apples M1 GPU architecture to the point where they surpassed Apple by providing Vulkan support.
That is so unbelievable outstanding!
No one else of all those other senior developers in the whole wide world didn't even bother to try. Meanwhile someone born 2001 (like Alyssa) did – I think the others are mostly in the same age range.
I can only repeat, this is outstanding!
Congratulations and thank you all for your incredible work!!

https://rosenzweig.io/blog/asahi-gpu-part-n.html

#asahilinux #asahi #m1reverseEngineering #apple #reverseengineering #linux