tags: heap_overflow, windows, bindiff
original link: Windows WiFi Driver RCE Vulnerability – CVE-2024-30078
newsletter link: exploits.club Weekly Newsletter 38 - Linux Races, Blind Memory Corruption, LLM Java Fuzzing, and More


Exploits Club Summary:

Speaking of teams who have been pushing out blog posts recently, Crowdfense has returned to the interwebs with an RCA and exploitability analysis of CVE-2024-30078. The post starts with a bindiff of the patched WiFi driver and then dissects the code changes. The team identified that the bug stems from improper handling of packet data when translating IEEE 802.11 packets to Ethernet packets, which results in a 4-byte overflow. The blog then talks through the limitations of this bug, ultimately deciding it may not be critical/exploitable, though the team is eager to be proved wrong.