#patchdiffing — Public Fediverse posts on home.social

clearbluejar @[email protected] · 2024-04-10 · 03:41 UTC

Hot of the #ghidriff #patchdiffing press for April 2024 we have CVE-2024-26219 in HTTP.sys 🔥

MSRC just started publishing CWE info! For this CVE we have a "CWE-476: NULL Pointer Dereference" 👀

See if you can find it 🧐

Hint: "UxLastMdlChunkNullFix"

https://gist.github.com/clearbluejar/a4917caf66a9e34d58d101225da96587

#ghidriff #patchdiffing

clearbluejar @[email protected] · 2024-01-12 · 05:16 UTC

hello 2024!

Hot off the #ghidriff #patchdiffing press we have the January 9, 2024—KB5034122 Windows 10 22H2 x64 kernel update ...
https://gist.github.com/clearbluejar/0e52d80a2f489d8a226f12da5e1c1248 🔥

Side by side view is here: https://diffpreview.github.io/?0e52d80a2f489d8a226f12da5e1c1248 👀

This month the kernel fixes include CVE-2024-20698 ... as there are not too many changes, perhaps we find the root cause?

Take at look this function... https://gist.github.com/clearbluejar/0e52d80a2f489d8a226f12da5e1c1248#wbaddlookupentryex 🧐

Hint: It rhymes with "vintager afterglow".

#ghidriff #patchdiffing

clearbluejar @[email protected] · 2023-12-13 · 18:13 UTC

Hot off the #ghidriff #patchdiffing press, we have the December Windows 11 22H2 x64 kernel security update KB5033375: https://gist.github.com/clearbluejar/4f0c979c314a80374402545cd1ae45cd 🧐

Side-by-side view here: https://diffpreview.github.io/?4f0c979c314a80374402545cd1ae45cd 👀

#ghidriff #patchdiffing

clearbluejar @[email protected] · 2023-11-16 · 21:56 UTC

Hot off the #ghidriff #patchdiffing press we have November's Windows 11 22H2 x64 kernel update KB5032190:
https://gist.github.com/clearbluejar/02fc449d3915fed375921e9d80bac42b 🧐

Side by side view is here: https://diffpreview.github.io/?02fc449d3915fed375921e9d80bac42b 👀

#ghidriff #patchdiffing

clearbluejar @[email protected] · 2023-11-03 · 08:07 UTC

ghidriff v0.5.1 - usability updates, improved automated testing , and bug fixes 🪲

- github workflows now test a matrix of devcontainers across versions of python, Ghidra, and Java 🔥

https://github.com/clearbluejar/ghidriff/releases/tag/v0.5.1

#patchdiffing #ghidra #githubactions

clearbluejar @[email protected] · 2023-10-20 · 13:54 UTC

Hot off the #ghidriff #patchdiffing press we have October's Windows 11 22H2 kernel Update KB5031354...

https://gist.github.com/clearbluejar/58af23c6b17eefae87608ef2d67d22d7 👀

#ghidriff #patchdiffing

Joxean Koret (@matalaz) @[email protected] · 2023-10-15 · 21:40 UTC

The support for finding fixed signedness issues in #Diaphora is working (to highlight potentially fixed vulnerabilites):

#BinaryDiffing #PatchDiffing

#diaphora #binarydiffing #patchdiffing

clearbluejar @[email protected] · 2023-10-11 · 17:09 UTC

say hello to ghidriff 🔥

#ghidra #patchdiffing #Python

https://github.com/clearbluejar/ghidriff

#ghidra #patchdiffing #python

Joxean Koret (@matalaz) @[email protected] · 2023-10-11 · 07:20 UTC

Any cool bug on this Patch Tuesday? Anything cool to diff with #Diaphora and enhance the ability to try to find patched vulnerabilities?

#PatchTuesday #PatchDiffing #BinaryDiffing #BinDiffing

#binarydiffing #bindiffing #diaphora #patchtuesday #patchdiffing

Joxean Koret (@matalaz) @[email protected] · 2023-09-30 · 08:34 UTC

Did you know that #Diaphora detects patch diffing sessions and tries to help finding where vulnerabilities were fixed? Here are some examples for CVE-2020-1350 and CVE-2023-28231.

#patchdiffing #binarydiffing #bindiffing #vulnerabilityresearch #vulndev

#diaphora #patchdiffing #binarydiffing #bindiffing #vulnerabilityresearch #vulndev

raptor @[email protected] · 2023-01-26 · 07:26 UTC

Very well written #Windows #patchdiffing and #nday #exploitation walkthrough ✊

Dissecting and Exploiting TCP/IP RCE #Vulnerability EvilESP (CVE-2022-34718)

// by @chompie1337

https://securityintelligence.com/posts/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp/

#windows #patchdiffing #nday #exploitation #vulnerability