94 matches found
RustCrypto security vulnerabilities
RustCrypto is an open-source authentication encryption algorithm with associated data algorithms developed by RustCrypto. Versions of RustCrypto prior to 0.4.4 contained security vulnerabilities, which were caused by the compiler generating non-constant-time assembly code...
EUVD-2019-16048
Malware in sbrugna...
EUVD-2015-0994
Malware in sbrugna...
EUVD-2018-12978
Malware in sbrugna...
Go Assembly Mutation Testing
While maintaining and developing the Go cryptography standard library, we often spend significantly more time on testing than on implementation. That’s good and an important part of how we achieve our excellent security track record. Ideally, this would be especially true for the least safe parts...
Deconstructing Obfuscation: a Four-Dimensional Framework for Evaluating Large Language Models Assembly Code Deobfuscation Capabilities
Large language models LLMs have shown promise in software engineering, yet their effectiveness for binary analysis remains unexplored. We present the first comprehensive evaluation of commercial LLMs for assembly code deobfuscation. Testing seven state-of-the-art models against four obfuscation...
CVE-2022-48922
In the Linux kernel, the following vulnerability has been resolved: riscv: fix oops caused by irqsoff latency tracer The tracehardirqson,off require the caller to setup frame pointer properly. This because these two functions use macro 'CALLERADDR1' aka. builtinreturnaddress1 to acquire caller...
CVE-2022-48922 riscv: fix oops caused by irqsoff latency tracer
In the Linux kernel, the following vulnerability has been resolved: riscv: fix oops caused by irqsoff latency tracer The tracehardirqson,off require the caller to setup frame pointer properly. This because these two functions use macro 'CALLERADDR1' aka. builtinreturnaddress1 to acquire caller...
CVE-2021-47618 ARM: 9170/1: fix panic when kasan and kprobe are enabled
In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replaced by kprobe. some instructions may be simulated by constructing assembly functions. therefore, before executing...
CVE-2024-33904
In plugins/HookSystem.cpp in Hyprland through 0.39.1 before 28c8561, through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file...
CVE-2024-33904
In plugins/HookSystem.cpp in Hyprland through 0.39.1 before 28c8561, through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file...
Hyprland 安全漏洞
Hyprland is a wlroots-based dynamic tiling Wayland composition application open-sourced by Hypr Development. A security vulnerability exists in Hyprland version 0.39.1 and earlier versions. An attacker could exploit this vulnerability to execute arbitrary assembly code by writing predictable...
CVE-2024-33904
Hyprland up to version 0.39.1 (
CVE-2024-33904
In plugins/HookSystem.cpp in Hyprland through 0.39.1 before 28c8561, through a race condition, a local attacker can cause execution of arbitrary assembly code by writing to a predictable temporary file...
LLVM 安全漏洞
LLVM is a toolkit for building highly optimized compilers, optimizers, and runtime environments for LLVM. A security vulnerability exists in LLVM versions prior to 18.1.3 that stems from the presence of an assembly code generation error problem...
LinearBondingCurve.log2 function contains an incorrect shift operation that could lead to wrong calculation.
Lines of code Vulnerability details Impact The values in the shift operation are reversed. The provided inline assembly code for the log2 function appears to be an issue in the sequence of shift operations. Let's break down the relevant part of the code: r := or r, byte and0x1f, shrshrr, x,...
UBUNTU-CVE-2022-29654
Buffer overflow vulnerability in quoteforpmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file...
CVE-2021-34123
An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf in asm.c allows attackers to execute arbitrary code on the system via a crafted file...
CVE-2022-28285
When generating the assembly code for MLoadTypedArrayElementHole, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird 91.8, Firefox 99, and Firefox ESR 91.8...
CVE-2022-28285
CVE-2022-28285 describes an incorrect AliasSet used during MLoadTypedArrayElementHole JIT codegen, enabling a potential out-of-bounds read when combined with another vulnerability. Affected products include Thunderbird < 91.8, Firefox < 99, and Firefox ESR