[binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs

Published: April 7, 2022, midnight

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/forcedentry-sandbox-escape-and-netfilter-bugs.html

\n

More information about the FORCEDENTRY exploit chain, and some Linux exploitation with a couple netfilter bugs. Ending the episode with some discussion about exploiting blind kernel read primitives from Microsoft.

\n

[00:00:28] Spot the Vuln - Adding Entropy

\n

[00:02:56] FORCEDENTRY: Sandbox Escape

\n

[00:15:21] How The Tables Have Turned: An analysis of two new Linux vulnerabilities in nf_tables

\n

[00:32:38] Exploring a New Class of Kernel Exploit Primitive

\n

[00:40:18] BlueHat IL Videos are up

\n

The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week:

\n

    \n\t
  • Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities
  • \n\t
  • Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits.
  • \n
\n

The Video archive can be found on our Youtube channel: https://www.youtube.com/c/dayzerosec

\n

You can also join our discord: https://discord.gg/daTxTK9

\n

Or follow us on Twitter (@dayzerosec) to know when new releases are coming.