Chrome Exploits and a Firefox Update Bug [Binary Exploitation]

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/chrome-exploits-and-a-firefox-update-bug.html This week we start off with a nice introduction to signedness issues before diving into a couple Chrome bugs (type confusion and use-after-free) [00:00:17] Spot the Vuln - I Can't Even (Solution) [00:03:46] Fixing a Security Bug by Changing a Function Signature [00:11:58] Chrome in-the-wild bug analysis: CVE-2021-30632 [00:21:25] GHSL-2021-124: Use After Free (UAF) in Chrome - CVE-2021-30528 [00:26:56] Phrack - Issue 70 The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec You can also join our discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.