The Discovery and Exploitation of CVE-2022-25636 · Nick Gregory
Nick Gregory's blog
Hasnain says:
I liked this post a lot. It’s not like the usual blogpost announcing *what* a bug is - rather, it goes into how the bug was found and the exploit was built. And explains some of the thought process so others can replicate it.
“This was a really fun bug to discover and work on. From start to end, it took just under a week to find, triage the bug, figure out how to hit it, and build the exploit. While not novel, the OOB write primitive we get with it is also pretty interesting, and makes for quite a clean exploit as we’ve seen.”
Posted on 2022-03-13T08:06:56+0000