Harry Sintonen
Infosec consultant @WithSecure - Coding, Research + various other interests
- 4 Posts
- 4 Comments
Joined 2 years ago
Cake day: November 18th, 2022
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
@gabrielesvelto Yeah, information for that vulnerability is non-existent as well. In all the vulnerability management doesn’t seem to be going great here.
Update: The “PeCoffLoader memory overflow issue for security” likely is CVE-2024-38796: https://nvd.nist.gov/vuln/detail/cve-2024-38796
I had actually forgotten I still had Docker installed on this system. I’ve now fixed this issue by uninstalling the malicious app. I’m using #podman elsewhere already, just had this install lingering still. Apple: Thanks for the warning!
@g@irrelephant.co Oof, that’s not good at all.
So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation “DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende” gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s