The fuzzy tale of an x/crypto vulnerability
The fuzzy tale of an x/crypto vulnerability. Michael McLoughlin, Gophercon 2019 Lightning Talks, Uber Advanced Technologies Group. 8,140 lines of amd64 assembly in crypto. 10,474 lines of amd64 ...
0 credits | 74 pages | 2.99 MB | 2 years ago

Embracing an Adversarial Mindset for C++ Security
Amanda Rousseau, 2024 September 15-20, Aurora, Colorado, USA. 1. Adversarial Scenarios; 2. Vulnerability Trends; 3. Exploits in the Wild; 4. Strategies for Secure C++ Development. WHOAMI: Amanda Rousseau, malware RE, malwareunicorn.org, Twitter @malwareunicorn. Day in the Life: Vulnerability Research: looking at code 75%; instrumenting fuzzing harnesses 5%; making a POC when needed ... BITTER APT group, CVE-2021-28310: used for privilege escalation; out-of-bounds (OOB) write vulnerability in dwmcore.dll, which is part of Desktop Window Manager (dwm.exe); attacker grooms the heap ...
0 credits | 92 pages | 3.67 MB | 1 year ago

CNCF Harbor Webinar 2020
... signing and validation; identity integration and role-based access control; security and vulnerability analysis; image replication between instances; internationalization (currently English ... scanning based on an updated vulnerabilities database. Image Vulnerability Scanning: update vulnerability data regularly from various sources, including the Debian Security Bug Tracker, the Ubuntu CVE Tracker and Red Hat Security ... and vulnerability scanning. Projects > Repositories > production/golang: Info, Images, Vulnerability Severity: High; 22 of 115 packages have known vulnerabilities, 7 high.
0 credits | 39 pages | 2.39 MB | 1 year ago

Istio audit report - ADA Logics - 2023-01-30 - v1.0
... fuzzers written and added to Istio's OSS-Fuzz integration. 1 CVE found in Golang. 1 vulnerability found that affected Google's managed Istio offering. 11 issues found: 5 system resource exhaustion ... affected Google's managed Istio offering, and it led to further investigation that revealed a vulnerability in Golang itself. The finding was reported by the auditing team to the Istio maintainers, because ... connection, which could lead to a denial of service scenario if a large request was sent. This is a vulnerability; however, to be vulnerable, users would need the MultiplexHTTP option configured, used by some ...
0 credits | 55 pages | 703.94 KB | 2 years ago

Ops Shanghai 2017: Efficient and secure image operations with the Harbor open-source enterprise Registry - Zhang Haining
... RBAC: admin, developer, guest; AD/LDAP integration. Policy-based image replication; vulnerability scanning; Notary; web UI; audit and logs; RESTful API for integration; lightweight and ... Image is pulled using digest. Perform vulnerability scanning: prevent images with vulnerabilities from being pulled; regular scanning based on an updated vulnerability database. Content trust for image ... analysis of vulnerabilities by inspecting the filesystem of a container image and indexing features in a database. Rescanning is needed if and only if new detectors are added. Update vulnerability data regularly ...
0 credits | 41 pages | 4.94 MB | 1 year ago

Dapr September 2023 security audit report
... the same Dapr building blocks. None of the issues were of critical or high severity. We found a vulnerability in a 3rd-party dependency which was assigned a CVE[1] of high severity; however, it did ... is not enabled by default. The vulnerability had the potential to crash a Dapr sidecar with an out-of-memory denial of service attack vector. We found the vulnerability after performing the threat modelling ... example, if Dapr sends a request to a NodeJS application that triggers a remote code execution vulnerability in the NodeJS application[3], this is entirely the responsibility of the application; Dapr ...
0 credits | 47 pages | 1.05 MB | 2 years ago

2021 China Open Source Annual Report
Duan Xihua: I wonder if the log4j vulnerability in late 2021 will make companies more conservative and cautious in buying open source products. Open-source security still has a long way to go. ... the top 10 seats. 2.8 Open Source Security and Compliance. 2.8.1 CVE Vulnerability Risks. Gitee used 棱镜七彩 FossEye to statically scan 15,000 representative, high-quality recommended open-source project repositories on the Gitee platform; the results show that over 93% carry no CVE vulnerability risk. ... Of the projects with CVE vulnerabilities, 18.51% have one CVE vulnerability, and 2.58% have more than 10 CVE vulnerabilities.

(entry title not captured)
... 5.16 6.1.4: Fix broken links; Tres DuBiel. 5.22 6.0.2: Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358); Update CodeMirror to version 5.48.4 to fix Python formatting issues; ... Continue previous minor releases of Jupyter Notebook and also included in version 6.0. Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a ...
0 credits | 181 pages | 1.87 MB | 2 years ago

Jupyter Notebook 6.4.11 Documentation
... @kevin-bates, @virejdasani. 5.16 6.1.5: 6.1.5 is a security release, fixing one vulnerability: Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned). 5.17 6.1.4: Fix broken links; Tres DuBiel. 5.23 6.0.2: Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358); Update CodeMirror to version 5.48.4 to fix Python formatting issues; ... Continue previous minor releases of Jupyter Notebook and also included in version 6.0. Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a ...
0 credits | 183 pages | 1.88 MB | 2 years ago

Jupyter Notebook 6.4.12 Documentation
... @kevin-bates, @virejdasani. 5.16 6.1.5: 6.1.5 is a security release, fixing one vulnerability: Fix open redirect vulnerability GHSA-c7vm-f5p4-8fqh (CVE to be assigned). 5.17 6.1.4: Fix broken links; Tres DuBiel. 5.23 6.0.2: Update JQuery dependency to version 3.4.1 to fix security vulnerability (CVE-2019-11358); Update CodeMirror to version 5.48.4 to fix Python formatting issues; ... Continue previous minor releases of Jupyter Notebook and also included in version 6.0. Fix Open Redirect vulnerability (CVE-2019-10255) where certain malicious URLs could redirect from the Jupyter login page to a ...
0 credits | 185 pages | 1.88 MB | 2 years ago

654 results in total