HyperKit Bugs & an Open5GS Stack Overflow [Binary Exploitation]

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/hyperkit-bugs-an-open5gs-stack-overflow.html Uninitialized variables everywhere in Hyperkit, and a Open5GS stack-based buffer overflow. [00:00:19] Spot The Vuln - Mind the Sign - Solution [00:00:51] Spot The Vuln - Mind the Sign - Solution [00:03:53] In EU no contract can prevent you from decompiling software you bought, if your goal is fixing a bug. [00:11:05] Open5GS Stack Buffer Overflow During PFCP Session Establishment on UPF [CVE-2021-41794] [00:14:00] Open5GS Stack Buffer Overflow During PFCP Session Establishment on UPF [CVE-2021-41794] [00:15:27] Code execution outside the virtualized guest in hyperkit [00:19:45] Disclosure of the host memory into the virtualized guest in hyperkit [CVE-2021-32847] [00:30:14] The Challenges of Fuzzing 5G Protocols The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec You can also join our discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.