SHA-3 Buffer Overflow

mouha.be

SHA-3 Buffer Overflow

mouha.be

@c0mmandoMA to

Netsec • 1 year ago

SHA-3 Buffer Overflow – Nicky Mouha

mouha.be

cross-posted from: https://community.hackliberty.org/post/6685

Over the past few months, I’ve been coordinating the disclosure of a new vulnerability that I’ve found. Today is the disclosure date, so I am excited that I can finally talk about what I’ve been working on! The vulnerability has been assigned CVE-2022-37454 and the security advisory is available here.

The vulnerability impacts the eXtended Keccak Code Package (XKCP), which is the “official” SHA-3 implementation by its designers. It also impacts various projects that have incorporated this code, such as the Python and PHP scripting languages.

You must log in or register to comment.

Chat

Netsec

!netsec@links.hackliberty.org

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !netsec@links.hackliberty.org

netsec is a community-curated aggregator of technical information security content. Our mission is to extract signal from the noise — to provide value to security practitioners, students, researchers, and hackers everywhere. ‎

Rules

Don’t do unto others what you don’t want done unto you.
No Porn, Gore, or NSFW content. Instant Ban.
No Spamming, Trolling or Unsolicited Ads. Instant Ban.
Stay on topic in a community. Please reach out to an admin to create a new community.

11 users / day
11 users / week
54 users / month
680 users / 6 months
617 subscribers
266 Posts
132 Comments
Modlog

mods:
@c0mmando