Tag: GitHub Security Lab
- Attacking browser extensions
  Browser extensions first became mainstream in the early 2000s with their adoption by Firefox and Chromium and their popularity has been …
- Securing the open source supply chain: The essential role of CVEs
  As security continues to shift left, developers are increasingly the first line of defense against vulnerabilities. In fact, open source …
- From object transition to RCE in the Chrome renderer
  In this post, I’ll exploit CVE-2024-5830, a type confusion bug in v8, the Javascript engine of Chrome that I reported in May 2024 as bug …
- Attack of the clones: Getting RCE in Chrome’s renderer with duplicate object properties
  In this post, I’ll exploit CVE-2024-3833, an object corruption bug in v8, the Javascript engine of Chrome, that I reported in March 2024 …
- CodeQL zero to hero part 3: Security research with CodeQL
  I’ve written a bit in the past about static analysis (CodeQL zero to hero part 1: Fundamentals of static analysis) and basics of writing …
- Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private vulnerability reporting
  Hello fellow readers! Have you ever wondered how the GitHub Security Lab performs security …
- Gaining kernel code execution on an MTE-enabled Pixel 8
  In this post, I’ll look at CVE-2023-6241, a vulnerability in the Arm Mali GPU that I reported to Arm on November 15, 2023 and was fixed …
- Securing our home labs: Frigate code review
  At GitHub Security Lab, we are continuously analyzing open source projects in line with our goal of keeping the software ecosystem safe. …
- Securing our home labs: Home Assistant code review
  Introduction In July, the GitHub Security Lab team conducted a collaborative review of one of our favorite software pieces. While it’s …
- Getting RCE in Chrome with incomplete object initialization in the Maglev compiler
  In this post I’ll exploit CVE-2023-4069, a type confusion vulnerability that I reported in July 2023. The vulnerability—which allows …
- Coordinated Disclosure: 1-Click RCE on GNOME (CVE-2023-43641)
  Today, in coordination with Ilya Lipnitskiy (the maintainer of libcue) and the distros mailing list, the GitHub Security Lab is disclosing …
- Getting RCE in Chrome with incorrect side effect in the JIT compiler
  In this post, I’ll explain how to exploit CVE-2023-3420, a type confusion vulnerability in v8 (the Javascript engine of Chrome), that I …