[HN Gopher] CVE-2022-23088: Exploiting a Heap Overflow in the Fr... ___________________________________________________________________ CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack Author : todsacerdoti Score : 86 points Date : 2022-06-16 17:30 UTC (5 hours ago) (HTM) web link (www.thezdi.com) (TXT) w3m dump (www.thezdi.com) | theamk wrote: | Doesn't FreeBSD have KASLR? It would make thus attack much | harder. | rs_rs_rs_rs_rs wrote: | It does not have KASLR and it does not even have userland | binaries ASLR enabled by default(not that it matters for this | vulnerability). | | https://twitter.com/wdormann/status/1528742791383334917 | | >It would make thus attack much harder | | It won't make it much harder, just a teensy bit harder. | | https://grsecurity.net/kaslr_an_exercise_in_cargo_cult_secur... | nazgulsenpai wrote: | Will be interesting to see if the PlayStation 4 jail breaking | community can find some use for this! | djcannabiz wrote: | Memory safe languages!!!!! | lukestateson wrote: | TIL: FreeBSD has wi-fi stack | | /s | [deleted] ___________________________________________________________________ (page generated 2022-06-16 23:00 UTC)