ali@pwnworld:/posts$
-
Elixir Cross Referencer: Indexing and Auditing Source Code
Elixir Elixir is a source code cross-referencer inspired by LXR. It’s written in Python and its main purpose is to index every release of a C or C++ project (like the Linux kernel) while keeping a minimal footprint. It uses Git as a source-code file store and Berkeley DB for...
-
CVE-2024-22857: Arbitrary Code Execution in zlog
Vulnerability Heap based buffer flow in zlog v1.1.0 to v1.2.17 in zlog_rule_new(). Size of record_name is MAXLEN_PATH(1024) + 1 but file_path may have data upto MAXLEN_CFG_LINE(MAXLEN_PATH*4) + 1. So a check was missing in zlog_rule_new() while copying the record_name from file_path + 1 which caused the buffer overflow. An attacker...
-
Linux Kernel Compilation and Adding a Custom System Call
Prerequisites Please make sure you have a good amount of free space. As for Virtual Machines, people were having issues when they allocated only 20GB of storage space. So at least allocate 50GBs to avoid the issues. Install the following packages before moving to next step: sudo apt install gcc...