/g/ - Technology

install openbsd

Exploit using HEVC video Nanonymous No.5160 [D][U][F][S][L][A][C]
File: 72c4f4fe839dbc23f06c3100e94d7379470662b9ad09c7ba47651c6ade91d492.png (dl) (158.24 KiB)

>near 2020
>exploited by a video file
Software sucks.
>CVE-2019-2107
>In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.
https://nvd.nist.gov/vuln/detail/CVE-2019-2107

PoC:
https://github.com/marcinguy/CVE-2019-2107

Nanonymous No.5164 [D] >>5179

>with non-executable files you're safe
Not so with a player full of holes. It was always theoretically possible to exploit using a video file, and this is an example.

>Software sucks
Software, like anything done by humans, is full of errors. Even if they fix this one, the next will be found, and so on forever.

Nanonymous No.5179 [D][U][F] >>5182
File: 803a20c8ef4eedbaacb498f9cc8ab4737e30b9c508dc972680a2bd54dfd3614b.jpg (dl) (213.82 KiB)

>>5164
IIRC (I don't actually remember LOL) it was possible to insert specifically crafted TEXT payloads into webpages and own browsers that way.
<hey bud, did you think plaintext files were safe? THINK AGAIN

I've been thinking about safety a little bit (not much though), and what do you think, how much of it could be mitigated by using pure Harvard architecture instead of what we have now?

Nanonymous No.5182 [D] >>5183

>>5179
See >>>/g/4908

Nanonymous No.5183 [D][U][F] >>5188
File: 08ad42ab962ecdd4bcf7591abb4717890f933b29cceb219589d83c4e5833cf55.jpg (dl) (220.85 KiB)

>>5182
Formally verified software is not the same.


Nanonymous No.5188 [D]

>>5183
Why?