@@ -20,28 +20,6 @@ advisories, which can be browsed in the [Security
20
20
Advisories] ( https://github.com/google/security-research/security/advisories?state=published )
21
21
page.
22
22
23
- ## Proof of Concepts
24
-
25
- Accompanying proof-of-concept code will be used to demonstrate the
26
- security vulnerabilities.
27
-
28
- | Year | Title | Advisories | Links |
29
- | ---- | ----- | ---------- | ----- |
30
- | 2023 | Oracle VM VirtualBox 7.0.10 r158379 Escape | [ CVE-2023 -22098] ( https://github.com/google/security-research/security/advisories/GHSA-q7p4-pxjx-6h42 ) | [ PoC] ( pocs/oracle/virtualbox/cve-2023-22098 )
31
- | 2023 | Linux: eBPF Path Pruning gone wrong | [ CVE-2023 -2163] ( https://github.com/google/security-research/security/advisories/GHSA-j87x-j6mh-mv8v ) | [ PoC] ( pocs/linux/cve-2023-2163 )
32
- | 2023 | XGETBV is non-deterministic on Intel CPUs | | [ PoC] ( pocs/cpus/xgetbv )
33
- | 2023 | XSAVES Instruction May Fail to Save XMM Registers | | [ PoC] ( pocs/cpus/errata/amd/1386 )
34
- | 2022 | RET2ASLR - Leaking ASLR from return instructions | | [ PoC] ( pocs/cpus/ret2aslr/src )
35
- | 2022 | Unexpected Speculation Control of RETs | | [ PoC] ( pocs/cpus/top-of-stack )
36
- | 2022 | Bleve Library: Traversal Vulnerabilities in Create / Delete IndexHandler | [ GHSA-gc7p -j7x8-h873] ( https://github.com/google/security-research/security/advisories/GHSA-gc7p-j7x8-h873 ) | [ PoC] ( pocs/bleve )
37
- | 2022 | Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library | [ CVE-2022 -30187] ( https://github.com/google/security-research/security/advisories/GHSA-6m8q-r22q-vfxh ) | [ PoC] ( pocs/azure/oracle/net/keymaterial/azure )
38
- | 2022 | Apple: Heap-based Buffer Overflow in libresolv | [ GHSA-6cjw -q72j-mh57] ( https://github.com/google/security-research/security/advisories/GHSA-6cjw-q72j-mh57 ) | [ PoC] ( pocs/apple/libresolv )
39
- | 2022 | Apache: Code execution in log4j2 | [ CVE-2021 -45046] ( https://github.com/google/security-research/security/advisories/GHSA-ggmf-hg75-88gg ) | [ PoC] ( pocs/log4j )
40
- | 2021 | Surface Pro 3: BIOS False Health Attestation (TPM Carte Blanche) | [ CVE-2021 -42299] ( https://github.com/google/security-research/security/advisories/GHSA-c4qg-jj77-rcc3 ) | [ Write-up] ( https://google.github.io/security-research/pocs/bios/tpm-carte-blanche/writeup.html ) , [ PoC] ( pocs/bios/tpm-carte-blanche )
41
- | 2021 | CVE-2021 -22555: Turning \x00\x00 into 10000$ | [ CVE-2021 -22555] ( https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528 ) | [ Write-up] ( https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html ) , [ PoC] ( pocs/linux/cve-2021-22555 )
42
- | 2021 | Linux: KVM VM_IO\| VM_PFNMAP vma mishandling | [ CVE-2021 -22543] ( https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584 ) | [ PoC] ( pocs/linux/kvm_vma )
43
- | 2021 | BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution | [ CVE-2020 -24490] ( https://github.com/google/security-research/security/advisories/GHSA-ccx2-w2r4-x649 ) , [ CVE-2020 -12351] ( https://github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq ) , [ CVE-2020 -12352] ( https://github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq ) | [ Write-up] ( https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html ) , [ PoC] ( pocs/linux/bleedingtooth )
44
-
45
23
# License & Patents
46
24
47
25
The advisories and patches posted here are free and open source.
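Review bot: The removed "Proof of Concepts" table was the only index in this hunk for entries that have an empty Advisories column (XGETBV, XSAVES, RET2ASLR, Unexpected Speculation Control of RETs), so the remaining pointer to the Security Advisories page in the context above does not cover them. The Write-up links for TPM Carte Blanche, CVE-2021-22555 and BleedingTooth also disappear, with nothing visible in the diff replacing them. If the index has moved, keep a one-line pointer to the `pocs/` directory (or the new location) above "# License & Patents" and say where it went in the commit message. If the deletion is intentional, the message should state why, since the `pocs/...` paths themselves are not touched by this hunk.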