Post from 2024-08-22 18:46:04

CVE-2024-5535: `SSL_select_next_proto` buffer overread celebrating a decade of publishing your heap over the internet

https://jbp.io/2024/06/27/cve-2024-5535-openssl-memory-safety.html

Missed this one earlier, pretty fun bug and good writeup!

permalink | main