logo
episode-header-image
Jul 2022
9m 23s

This dangerous OpenSSL vulnerability can...

Hussein Nasser
About this episode

We discuss the CVE-2022-2274 OpenSSL Vulnerability.

The OpenSSL 3.0.4 release introduced a serious bug in the RSA

implementation for X86_64 CPUs supporting the AVX512IFMA instructions.

This issue makes the RSA implementation with 2048 bit private keys

incorrect on such machines and memory corruption will happen during

the computation. As a consequence of the memory corruption an attacker

may be able to trigger a remote code execution on the machine performing

the computation.

0:00 Intro

1:00 CVE-2022-2274

3:00 AVX512IFMA CISC

5:00 How the bug works

7:10 How can it be triggered

Resources

https://www.openssl.org/news/secadv/20220705.txt

https://github.com/openssl/openssl/issues/18625

https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/

https://eprint.iacr.org/2018/335

https://github.com/openssl/openssl/commit/4d8a88c134df634ba610ff8db1eb8478ac5fd345

https://linux.die.net/man/3/bn_internal

https://www.microfocus.com/documentation/enterprise-developer/ed60/ES-WIN/GUID-E3960B1E-C42E-4748-A5EB-6E12507C9CD7.html

https://www.microcontrollertips.com/risc-vs-cisc-architectures-one-better/

Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon)

https://network.husseinnasser.com

--- Support this podcast: https://anchor.fm/hnasr/support
Up next
Jun 13
kTLS - Kernel level TLS
Fundamentals of Operating Systems Course https://oscourse.winktls is brilliant.TLS encryption/decryption often happens in userland. While TCP lives in the kernel. With ktls, userland can hand the keys to the kernel and the kernel does crypto. When calling write, the kernel encryp ... Show More
22m 55s
May 9
The beauty of the CPU
If you are bored of contemporary topics of AI and need a breather, I invite you to join me to explore a mundane, fundamental and earthy topic.The CPU.A reading of my substack article https://hnasr.substack.com/p/the-beauty-of-the-cpu 
9m 38s
Apr 18
Sequential Scans in Postgres just got faster
This new PostgreSQL 17 feature is game changer. They know can combine IOs when performing sequential scan. Grab my database coursehttps://courses.husseinnasser.com 
27m 36s
Recommended Episodes
Apr 2020
JavaScript Vulnerabilities with Tim Kadlec - The State of the Web
(Originally aired on YouTube on May 30, 2018) Rick and Tim talk about how insecure much of the web really is, the various vulnerabilities in web security that can leave you open to attack, the challenge of making your organization aware of these risks, and how they could be explo ... Show More
12m 32s
Mar 2024
Episode 64: .NET Remoting, CDN Attack Surface, and Recon vs Main App
Episode 64: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Justin and Joel delve into .NET remoting and how it can be exploited, a recent bypass in the Dom Purify library and some interesting functionality in the Cloudflare CDN-CGI endpoint. They also tou ... Show More
1h 8m
May 2022
CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388. [CISA Cybersecurity Alerts]
CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC), are releasing this joint Cybersecurity Advisory in response to active exploitation of CVE-2022-1388. This vulnerability is a critical iControl REST authentication bypass vulnerability affecting multiple ver ... Show More
3m 20s
May 2024
Episode 73: Sandboxed IFrames and WAF Bypasses
Episode 73: In this episode of Critical Thinking - Bug Bounty Podcast we give a brief recap of Nahamcon and then touch on some topics like WAF bypass tools, sandboxed iframes, and programs redacting your reports.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting th ... Show More
31m 13s
Jan 2024
Episode 54: White Box Formulas - Vulnerable Coding Patterns
Episode 54: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel are back with news items and new projects. Joel shares about his personal scraping project to gather data on bug bounty programs and distribution Next, they announce the launch of HackerNotes, a ... Show More
1h 12m
Jan 2024
545: 3,062 Days Later
Kent Overstreet, the creator of bcachefs, helps us understand where his new filesystem fits, what it's like to upstream a new filesystem, and how they've solved the RAID write hole.Special Guest: Kent Overstreet.Sponsored By:Tailscale: Tailscale is a Zero config VPN. It i ... Show More
57m 15s
Mar 2022
Securing the open source supply chain (Changelog Interviews #482)
This week we’re joined by the “mad scientist” himself, Feross Aboukhadijeh…and we’re talking about the launch of Socket — the next big thing in the fight to secure and protect the open source supply chain. While working on the frontlines of open source, Feross and team have witne ... Show More
1h 28m
Feb 2024
Episode 58: Youssef Sammouda - Client-Side & ATO War Stories
Episode 58: In this episode of Critical Thinking - Bug Bounty Podcast we finally sit down with Youssef Samouda and grill him on his various techniques for finding and exploiting client-side bugs and postMessage vulnerabilities. He shares some crazy stories about race conditions, ... Show More
1h 54m
Listen to millions of songs and podcasts on Anghami