LiveUnderflow | ping Vulnerability Patch Analysis (with #ChatGPT) - CVE-2022-23093 @LiveUnderflow | Uploaded 1 year ago | Updated 2 hours ago
Shop (advertisement): shop.liveoverflow.com
Using ChatGPT we try to analyse the ping vulnerability known as CVE-2022-23093. Can we figure out how the bug is triggered?
→ Twitch Subscription: twitch.tv/products/liveoverflow
→ per Video: patreon.com/join/liveoverflow
→ per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
CVE-2022-23093 Advisory: freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc
Chapters:
00:00 - ping CVE-2022-23093 Introduction
00:34 - Reading Advisory
02:11 - Patch Analysis with ChatGPT
03:40 - Talking About ping Threat Model
05:15 - Reading (First) Bad Patch Explanation
06:50 - Understanding The IP Header
08:31 - Missing a Potential Overflow
10:22 - ping Response Packet Structure?
15:55 - What is oip_header_length?
19:07 - How Does Ping Work?
20:37 - Discovering Buffer Overflow
23:35 - The Fix
28:05 - ping Vulnerability Summary
31:00 - Exploitability Investigation with ChatGPT
37:25 - Outro
=[ 📄 Info. ]=
Main Channel: youtube.com/LiveOverflowCTF
Twitch: twitch.tv/LiveOverflow
=[ 🐕 Social ]=
→ Twitter: twitter.com/LiveOverflow
→ Website: liveoverflow.com
→ Subreddit: reddit.com/r/LiveOverflow
→ Facebook: facebook.com/LiveOverflow
=[ 📄 P.S. ]=
#liveoverflow
Shop (advertisement): shop.liveoverflow.com
Using ChatGPT we try to analyse the ping vulnerability known as CVE-2022-23093. Can we figure out how the bug is triggered?
→ Twitch Subscription: twitch.tv/products/liveoverflow
→ per Video: patreon.com/join/liveoverflow
→ per Month: youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
CVE-2022-23093 Advisory: freebsd.org/security/advisories/FreeBSD-SA-22:15.ping.asc
Chapters:
00:00 - ping CVE-2022-23093 Introduction
00:34 - Reading Advisory
02:11 - Patch Analysis with ChatGPT
03:40 - Talking About ping Threat Model
05:15 - Reading (First) Bad Patch Explanation
06:50 - Understanding The IP Header
08:31 - Missing a Potential Overflow
10:22 - ping Response Packet Structure?
15:55 - What is oip_header_length?
19:07 - How Does Ping Work?
20:37 - Discovering Buffer Overflow
23:35 - The Fix
28:05 - ping Vulnerability Summary
31:00 - Exploitability Investigation with ChatGPT
37:25 - Outro
=[ 📄 Info. ]=
Main Channel: youtube.com/LiveOverflowCTF
Twitch: twitch.tv/LiveOverflow
=[ 🐕 Social ]=
→ Twitter: twitter.com/LiveOverflow
→ Website: liveoverflow.com
→ Subreddit: reddit.com/r/LiveOverflow
→ Facebook: facebook.com/LiveOverflow
=[ 📄 P.S. ]=
#liveoverflow