Patch diffing CVE-2022–21907

Only a few changed functions
UlpFreeFastTracker Unpatched (on the left) And patched on the right
memset is added
additional memset of 0
memset 0 on 290 byte buffer at rax
There is a call to UlpFreeFastTracker from UlfastSendHttpResponse
Direct path into UlpAllocateFastTracker
This looks promising

--

--

--

Red Teamer — Security Researcher — Breaking things is fun, except when its not

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Ultimate Cloud-Native Newsletter — Issue #1

My Pain Points writing a Telegram Bot (in Python)

What is recursion in a programming world?

Best Drupal Hosting

An Introduction to Evernote

A Woman Scanning a Document into Evernote

My First Full-Stack Application and How I Used Active Record Models and Associations

Optimize Your Company’s Cash Flow with Scipy

Automation Using Ansible.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Chris Hernandez

Chris Hernandez

Red Teamer — Security Researcher — Breaking things is fun, except when its not

More from Medium

Deleted ≠ Destroyed

picoCTF: Glory of the Garden

Egg Hunter: looking for a needle in a haystack

GAARA — Offensive Security PG Play