CVE-2022-50511 lib/fonts: fix undefined behavior in bit shift for get_default_font

In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds i...

A year of Windows kernel font fuzzing #2: the techniques

Posted by Mateusz Jurczyk of Google Project Zero In part 1 of the series see here, we discussed the motivation and outcomes of our year long fuzzing effort against the Windows kernel font engine, followed by an analysis of two bug collisions with Keen Team and Hacking Team that ensued as a result...

Hacking Team attack code analysis Part 1: Flash 0day-vulnerability warning-the black bar safety net

The recent special offers by attacks techniques for network monitoring hacking company Hacking Team is black, contains the company's email, documents, and the attack Code of 400G data leakage. 360Vulcan Team the first time to obtain the relevant information, and for which exploit code is analyzed...

Microsoft Windows Kernel Font Driver CVE-2015-0060 Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to cause the system to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows 7 for 32-bit Systems SP1...

Preemptive Protection against Microsoft Windows Kernel Font Library File Buffer Overrun (MS11-077; CVE-2011-2003)

A buffer overflow vulnerability has been reported in Microsoft Windows kernel...