#buffer_overflow

By Deeba Ahmed Vendors have 90 days to release security patches before Trend Micro publicly discloses it. This is a post from HackRead.com Read the original post: Hackers Crack Tesla Twice, Rake in $1.3 Million at Pwn2Own Automotive

By Deeba Ahmed Bug Bounty Bonanza: Hackers Rake in Big Bucks as Connected Cars Show Security Cracks. This is a post from HackRead.com Read the original post: Pwn2Own Automotive: Tesla, Sony, Alpine Players Breached on Day One

Red Hat Security Advisory 2024-0343-03 - An update for LibRaw is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

The company says it wants to protect you from “viruses.” Experts are skeptical.

Red Hat Security Advisory 2024-0320-03 - An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Issues addressed include a buffer overflow vulnerability.

### Summary `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. Tracked in issue https://github.com/vyperlang/vyper/issues/3737 ### Details The `build_IR` allocates a new internal variable for the concatenation: https://github.com/vyperlang/vyper/blob/3b310d5292c4d1448e673d7b3adb223f9353260e/vyper/builtins/functions.py#L534-L550 Notice that the buffer is allocated for the `maxlen` + 1 word to actually hold the length of the array. Later the `copy_bytes` function is used to copy the actual source arguments to the destination: https://github.com/vyperlang/vyper/blob/3b310d5292c4d1448e673d7b3adb223f9353260e/vyper/builtins/functions.py#L569-L572 The `dst_data` is defined via: ...

By Deeba Ahmed Quarkslab Discovers "PixieFail" Vulnerabilities: Critical Flaws in Open Source UEFI Code Require Immediate Patching. This is a post from HackRead.com Read the original post: Critical “PixieFail” Flaws Expose Millions of Devices to Cyberattacks

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. A buffer over-read exists in the dtls_sha256_update function. This bug allows remote attackers to cause a denial of service (crash) and possibly read sensitive information by sending a malformed packet with an over-large fragment length field, due to servers incorrectly handling malformed packets.

An issue was discovered in Contiki-NG tinyDTLS versions through 2018-08-30. Incorrect handling of over-large packets in dtls_ccm_decrypt_message() causes a buffer over-read that can expose sensitive information.

Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to