Ars Technica

Buffer overruns, license violations, and bad code: FreeBSD 13’s close call

At first glance, Matthew Macy seemed like a perfectly reasonable choice to port WireGuard into the FreeBSD kernel. WireGuard is an encrypted point-to-point tunneling protocol, part of what most people ...
CNET

Buffer overflows: Reasons to apply mundane-sounding software fixes

Many times when updates or security patches appear for the OS or applications, a common reason for the update is that an attacker can make the program execute arbitrary code, usually by tricking a ...
Computer Weekly

Exploiting Software: How to Break Code, Chapter 7 -- Buffer Overflow

This excerpt is from Chapter 7, Buffer Overflow of Exploiting Software: How to Break Code written by Greg Hoglund and Gary McGraw, and published by Addison-Wesley ...
InfoWorld

Buffer overflows and the difficulty of flawless code-writing

Last week I summarized the difficulties in preventing buffer overflows in complex software and introduced fuzzers. With multiple buffer overflows announced every week on some of the world’s most ...
Threat Post

Patched Code Execution Bug Affects Most Android Users

Researchers at IBM disclosed a serious buffer overflow vulnerability in Android 4.3 and earlier that could lead to code execution. The bug is patched in KitKat, but most users are on older versions. A ...
CSOonline

What is a buffer overflow? And how hackers exploit these vulnerabilities

A buffer overflow or overrun is a memory safety issue where a program does not properly check the boundaries of an allocated fixed-length memory buffer and writes more data than it can hold. This ...