ForAllSecure targetted CSDS running CROMU_00055 in round 24.

Type 2 POV

Reading from protected address: 0x4347c0c7

0xbaaaae8c : push dword ptr [0x4347c0c7]

Execution control corruption via return (return to: 0xbaaaaeb8).

Tracing data from eip: 0x9465fa5 tracing source of memory: 0xbaaaaeb8 (value: 0xbaaaae85)

0x9465f96 : receive syscall (return)
0x9465fa5: ret // address: 0xbaaaaeb8 value: 0xbaaaae85

Execution of memory occurred that was not part of the initial text sections or an executably allocated page.

Tracing data from eip: 0xbaaaae85 tracing source of memory: 0xbaaaae85 (value: 0xf389f631)

0x9465f96 : receive syscall (return)
0xbaaaae85: xor esi,esi // address: 0xbaaaae85 value: 0xf389f631

Curated by Lunge Technology, LLC. Questions or comments? Send us email