Tag: GitHub Security Lab
-
Gaining kernel code execution on an MTE-enabled Pixel 8
In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported to Arm on November 15, 2023 and was fixed …
-
Securing our home labs: Frigate code review
At GitHub Security Lab, we are continuously analyzing open source projects in line with our goal of keeping the software ecosystem safe. …
-
Securing our home labs: Home Assistant code review
In July, the GitHub Security Lab team conducted a collaborative review of one of our favorite software pieces. While it’s …
-
Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
In this post I’ll exploit CVE-2023-4069, a type confusion vulnerability that I reported in July 2023. The vulnerability—which allows …
-
Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)
Today, in coordination with Ilya Lipnitskiy (the maintainer of libcue) and the distros mailing list, the GitHub Security Lab is disclosing …
-
Getting RCE in Chrome with incorrect side effect in the JIT compiler
In this post, I’ll explain how to exploit CVE-2023-3420, a type confusion vulnerability in v8 (the JavaScript engine of Chrome), that I …
-
The GitHub Security Lab’s journey to disclosing 500 CVEs in open source projects
When I stepped onto the scale this morning, I remembered that there are some numbers that feel awkward to celebrate, while perhaps some …
-
mTLS: When certificate authentication is done wrong
Although X.509 certificates have been here for a while, they have become more popular for client authentication in zero-trust networks in …
-
Closing vulnerabilities in Decidim, a Ruby-based citizen participation platform
The world runs on software, and 97% of software projects include open source. It has truly built the backbone of so much of what powers our …
-
Introduction to SELinux
At GitHub Security Lab, our main mission is helping secure the open source software we all rely on. While securing applications themselves …
-
New tool to secure your GitHub Actions
We are excited to release a public beta of actions-permissions, a tool which monitors your GitHub Actions workflows and recommends the …
-
CodeQL zero to hero part 2: getting started with CodeQL
CodeQL is a static analysis tool that can be used to automatically scan your applications for vulnerabilities and to assist with a manual …