ForAllSecure targetted CSDS running CROMU_00055 in round 8.

Type 1 POV

eip:0xbb643826 - eax:0x3265b869

Execution control corruption via return (return to: 0xbaaaaeb8).

Tracing data from eip: 0x9465fa5 tracing source of memory: 0xbaaaaeb8 (value: 0xbaaaaebc)

0x9465f96 : receive syscall (return)
0x9465fa5: ret // address: 0xbaaaaeb8 value: 0xbaaaaebc

Execution of memory occurred that was not part of the initial text sections or an executably allocated page.

Tracing data from eip: 0xbaaaaebc tracing source of memory: 0xbaaaaebc (value: 0xfff1fabc)

0x9465f96 : receive syscall (return)
0xbaaaaebc: mov esp,0xb7fff1fa // address: 0xbaaaaebc value: 0xfff1fabc

Negotiated general register: eax:0x3265b869

Tracing data from eip: 0xbaaaaec2 tracing source of register: eax (value: 0x3265b869)

0x9465f96 : receive syscall (return)
0xbaaaaec1 : pop eax
0xbaaaaec2: ret // address: eax value: 0x3265b869

Curated by Lunge Technology, LLC. Questions or comments? Send us email